Citrix ADC Integration Guide

Creating an authentication server in Citrix

To allow PingFederate to handle authentication requests, add your PingFederate signing certificate and sign-on URL.

Steps

  1. In Citrix ADC, complete the steps in Enabling authentication, authorization, and auditing in the Citrix documentation.

  2. Go to Configuration → Authentication → Dashboard. Click Add.

  3. In the Create Authentication Server window, from the Choose Server Type list, select SAML.

  4. In the Name field, enter a name to represent your PingFederate server, such as PF_Auth_Server.

  5. Clear the Import Metadata check box.

  6. In the Redirect URL field, enter the following PingFederate sign-on URL. Substitute your hostname and port, and choose a connection ID.

    https://pf_host:pf_port/idp/startSSO.ping?PartnerSpId=connectionID

    You will use the connection ID again in Creating a single sign-on connection.

  7. From the SAML Binding and Logout Binding lists, select POST.

  8. Add your PingFederate signing certificate.

    1. Under IDP Certificate Name, click Add.

    2. In the Certificate-Key Pair Name field, enter a name, such as PF_Certificate.

    3. In the Certificate File Name section, upload the certificate that you saved in Exporting your PingFederate signing certificate. Click Install.

  9. In the Issuer Name field, enter a name to represent Citrix, such as CitrixSAML.

  10. From the Reject Unsigned Assertion list, select OFF. Click More.

  11. In the Signature Algorithm section, click RSA-SHA256.

  12. In the Digest Method section, click SHA256. Click Create.
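
The values from steps 6 through 12 can also be checked as a fully specified Citrix ADC CLI command before it is applied. The following Python script is an added example, not part of the Citrix or Ping Identity documentation; it assumes the GUI fields correspond to the `add authentication samlAction` parameters named in the code, and the sample hostname, port, and connection ID are constructed.

```python
import shlex
from urllib.parse import parse_qs, urlsplit

# Steps 7 and 10-12 of this guide, keyed by the matching parameter of the
# Citrix ADC CLI command "add authentication samlAction" (assumed mapping).
GUIDE_VALUES = {"-samlBinding": "POST", "-logoutBinding": "POST",
                "-samlRejectUnsignedAssertion": "OFF",
                "-signatureAlg": "RSA-SHA256", "-digestMethod": "SHA256"}
REQUIRED = ("-samlRedirectUrl", "-samlIdPCertName", "-samlIssuerName")  # steps 6, 8, 9

def parse_saml_action(line):
    """Return (name, {parameter: value}) for one samlAction command line."""
    tokens = shlex.split(line)
    head = [t.lower() for t in tokens[:3]]
    if head != ["add", "authentication", "samlaction"] or len(tokens) < 4:
        raise ValueError("not an 'add authentication samlAction' command")
    return tokens[3], {k.lower(): v for k, v in zip(tokens[4::2], tokens[5::2])}

def check_redirect_url(url):
    """Step 6: HTTPS, the startSSO.ping endpoint, exactly one PartnerSpId."""
    parts, problems = urlsplit(url), []
    if parts.scheme != "https":
        problems.append("redirect URL is not https")
    if parts.path != "/idp/startSSO.ping":
        problems.append("redirect URL path is not /idp/startSSO.ping")
    if len(parse_qs(parts.query).get("PartnerSpId", [])) != 1:
        problems.append("redirect URL needs exactly one PartnerSpId")
    return problems

def audit(line):
    """List deviations from the guide; an empty list means the line matches."""
    _, opts = parse_saml_action(line)
    problems = [f"{p} is missing" for p in REQUIRED if p.lower() not in opts]
    for param, want in GUIDE_VALUES.items():
        got = opts.get(param.lower())
        if got is None:
            problems.append(f"{param} is unset, so the appliance default applies")
        elif got.upper() != want:
            problems.append(f"{param} is {got}, guide says {want}")
    if "-samlredirecturl" in opts:
        problems += check_redirect_url(opts["-samlredirecturl"])
    return problems

# Constructed sample command (hostname, port and connection ID are made up).
SAMPLE = ('add authentication samlAction PF_Auth_Server '
          '-samlIdPCertName PF_Certificate -samlIssuerName CitrixSAML '
          '-samlRedirectUrl "https://pf.example.com:9031/idp/startSSO.ping?PartnerSpId=citrix_adc" '
          '-samlBinding POST -logoutBinding POST -samlRejectUnsignedAssertion OFF '
          '-signatureAlg RSA-SHA256 -digestMethod SHA256')
```

Calling audit(SAMPLE) returns an empty list; any other result names the parameter that differs from this guide.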