[custom-header-login]
The standard courses from Citrix will talk about IMA encryption and the ctxkeytool.exe program to enable it, but other than this brief mention you are left on your own. In this video we take you through the steps to enable IMA encryption.
- Copy the file [XenApp-install-DVD]:supportctxkeytool.exe and the folder [XenApp-install-DVD]:supportresource to a target directory on each XenApp server. The target directory could be something like c:Citrix as we use in the video. The directory, once created and populated, would look similar this this:
c:Citrixctxkeytool.exe c:Citrixresource
- Once the first server into the farm is installed and rebooted configure IMA encryption
- c:citrixctxkeytool.exe generate NewFarmkey
- c:citrixctxkeytool.exe load NewFarmkey
- c:citrixctxkeytool.exe newkey
- c:citrixctxkeytool.exe query
- copy c:citrixNewFarmKey to each XenApp server and complete the configuration of each new XenApp server but DON’T reboot
- On each XenApp server once they have joined the farm but before their reboot
- c:citrixctxkeytool.exe load NewFarmkey
With this done you have enabled IMA encryption and encrypted the credentials used for the accessing the farm database and configuration logging databases.