http/1.1 internal server error 43531

[mnovaci566]

helou...

 

I have a problem that I need to solve regarding my external users.

 

I setup Xendesktop farm, and everything Works fine from inside.

 

To make Storefront url be reachable to my external users, I implemented Netscaler 10.5 VPX Express (with 1 year trial license - yes, we plan to buy customer license).

We enter all IP (NSIP, MIP... external IP which we bind to our virtual server for Storefront), we insert pem certificate (which is wildcard that we use for our Storefront url) and we configure virtual server guided by connection - Integrate with Citrix Products - XenApp and XenDesktop...

 

And everything is green.

 

But, when I try to reach to external URL which we configure on Netscaler virtual server, First, I got Netscaler VPN logon screen (which by the way I want to remove - I want for my users to have Storefront URL), and after I enter my domain credentials, I got Http/1.1 Internal Server Error 43531...

 

I'm stuck here and I don't Know what to do...

 

When I logon to Netscaler web interface, everything looks fine there... I suspect that there is a problem with session policies but I'm not so much in Netscaler...

 

Any help would be much appreciated...

 

Thank you in advance...

[CarlStalhood]

The DNS name for NetScaler Gateway must be different than the DNS name for StoreFront.

 

See this article - http://support.citrix.com/article/CTX139963

[mnovaci566]

Yes, I checked that... We use different DNS names... But, I managed to solve this problem... It turns out that, since Netscaler iz our DMZ, my network guys didn't open SSL port to delivery controller at internal firewall...

Now, when I try to open external URL, I receive Storefront screen, but I don't receive logon prompt. What I get is Cannot complete your request message... - Or should I open new topic for this? :)

 

Anyway, thank you Carl for answering me...

[CarlStalhood]

That means there is something wrong with your callback URL. Check the event viewer on your StoreFront server.

[mnovaci566]

Yes... I was just checking that...

 

I get logon screen... But when I enter my credentials, nothing happens... My password dissapear, and that's it...

 

In that time, I check event log at Storefront server and I saw two warnings:

 

Source: Citrix Authentication Service

Event Id: 1

Task Category: (2007)

A request was sent to service 'Authentication Service' that was detected as passing through gateway. This service is configured with the gateways, but none of these matched the request. Request details:

X-Citrix-Gateway:

X-Citrix-Via: FQDN

X-Citrix-Via-VIP: VIP address

Remote Address: Storefront address

X-Forwarded-For: Netscaler address

 

 

and

 

 

Source: Citrix Store Service

Event ID: 1

Task Category: (2007)

 

A request was sent to service 'StoreName' that was detected as passing through a gateway. This service is configured with the gateways, but none of these matched the request. Request details:

X-Citrix-Gateway:

X-Citrix-Via: URL

X-Citrix-Via-VIP: VIP address

Remote address: Storefront address

X-Forwarded-For: Netscaler address

[mnovaci566]

One more thing...

I tried to logon with wrong password, and I get message that it is invalid, so, domain can check my credentials...

 

And I'm using same wildcard certificate on Netscaler aswell as on Storefront IIS. It't public signed certificate...

[CarlStalhood]

In StoreFront, click Gateways. Edit your gateway. Make sure the Gateway FQDN matches what you enter in your browser address bar.

[mnovaci566]

Yes, I did that and now I can get to my Citrix Resources (hosted shared desktop and apps).

Thank You Carl.

You've been helpful...

 

Now I have minor problems, but I think that I can manage that...

 

When I try to start app or desktop, during establishing connection, I get error "the connection failed with status (1110)"...

But I think that we need to open some more ports to internal Citrix infrastructure, from Netscaler...

 

Anyway, Thank you again.

[Edgar Eugênio Silva]

Hi,

 

I need some help with the following topology:

 

1. NetScaler VPX Gateway 10.5

2. Citrix XenDesktop 7.5

 

When users access via external receive the following message "Http / 1.1 Internal Server Error 43531"

 

This message appears after users access the URL, enter with credentials.

 

What strikes me is not getting bring the StoreFront window.

 

They could help me?

 

Thanks, Edgar Eugenio.

[John Ward1709152622]

I have found that missing DNS servers on NetScaler OR being unable to resolve the FQDN that Gateway is trying to reach in your session profiles will cause this code to appear.

[Maciej Domyslawski]

I had same error, strange started when old certificate expired while working on new one already.

I found IIS site TCP 443 binding had empty certificate. Could be IIS was not rebooted after cert renewal as testing was showing new cert is effective and working already.

Could someone finds that useful.

[Bartosz Tyrakowski]

I have seen this issue, when the Gateway is set to “ICA Only” and there is no session policy applied due to a policy filter by AD groups (i. e. in a multi domain environment, where the AD groups are used to apply different session profiles, with different Single Sign-on Domains). Hope this helps anyone.