Aug 312015

Another Netscaler – Powershell script leveraging Nitro!
This script will create a Cipher Group with all the right Cipher Suites (depending on VPX\MPX), or let you select one you have already created, and assign it to any ssl vserver.  NOTE:  Very important!!  If you do this to a XD/XA gateway – all users connected through that gateway will be disconnected!!  (they can of course just re-connect).  Below is a video from my test environment.  You will see that “TestCGN” Cipher Group does not exist.  I create it, and then select my owa ssl vserver as the vserver to bind it to (I could have selected them all).  The link to the script is below the video – remember TEST before using it in production!

Edit: Completely slipped my mind to disable SSLv3.  I updated the script to disable SSLv3/TLS1, and enable TLS1.1/1.2.  If you have an SSL Profile set this might fail.  Fixed that too :-)… and updated the video.


 Leave a Reply

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code class="" title="" data-url=""> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong> <pre class="" title="" data-url=""> <span class="" title="" data-url="">



This site uses Akismet to reduce spam. Learn how your comment data is processed.