Working on a project to move Cloud NetScaler to on-premise for a customer, we had issue with Secure Web Link.
In fact, if you have this configuration (Cloud XMS, On-prem NetScaler) and you configure Web Link with for example the following URL:
http://www.domain.com
When you will open the Web Link the URL will be changed from http://www.domain.com to https://www.domain.com
This happen because SSL Redirect is configured on the Cloud NetScaler that provide access to XMS Cloud through Content Switching vServer.
It cannot be disabled, so what is the solution?
In fact 3 solutions exist:
- Create a whitelist for the URL
- Change weblink to https but if you need access to external URL that are not configured to support SSL it will not work
- Do not use Weblink but Favorites/Bookmark inside Secure Web
For option 1, a Citrix article exist and can be found here
For option 3, it’s the simplest to implement, however it will provide the Favorites/Bookmark to all users and it should not be what you want.
For option 1, if you decide to use it, here is the command to run on your NetScaler:
add policy patset xms_http_list
bind policy patset xms_http_list www.domain.com -index 1 -charset UTF_8
add rewrite action XMS_http_list_rw_action replace “http.RES.HEADER(\”Location\”).REGEX_SELECT(re!https!)” “\”http\””
add rewrite policy XMS_http_whitelist_rw “http.RES.HEADER(\”Location\”).CONTAINS_ANY(\”xms_http_list\”)” XMS_http_list_rw_action
And finally bind the Rewrite policy to your NetScaler Gateway
Note: Those information are provided based on my own experience.