Installing and Configuring Citrix StoreFront 2.0

Installing-and-Configuring-Citrix-StoreFront-2-Banner

With the release of Citrix XenDesktop 7, Citrix also released Citrix StoreFront 2.0. One of the biggest improvements is that StoreFront does not use a Microsoft SQL database anymore! This simplifies the installation because you no longer need to run the database setup scripts. Also the HTML5 HDX Receiver is now fully integrated into StoreFront and is no separate installation anymore.

This guide describes the step-step installation of Citrix StoreFront 2.0, how to configure the StoreFront server, including secure connection over HTTPS, IIS default site redirection, HTML5 HDX fallback receiver and Remote Access with NetScaler Access Gateway.

For the secure connection over HTTPS you need to install a server certificate (described in this guide), make sure you have Active Directory Certificate Servers with the Certification Authority and the Certification Authority Web Enrollment roles installed in your environment.  Also make sure the root CA is installed on every client and StoreFront server.

Installing Citrix StoreFront 2.0

Installing-and-Configuring-Citrix-StoreFront-2-002

Start the setup, select I accept the terms of this license agreement and click Next

Installing-and-Configuring-Citrix-StoreFront-2-003

Click Next

Installing-and-Configuring-Citrix-StoreFront-2-004

Click Install

Installing-and-Configuring-Citrix-StoreFront-2-005

Click Finish 

The administration console will now start automatically. To enable a secure connection over HTTPS, it is important to first install the server certificate before configuring StoreFront. 

Installing a Server Certificate

When using more than one StoreFront servers in your environment, make sure you have a DNS Host (A) record created pointing to the StoreFront load balancer address. It’s important to use that name for the server certificate.

 Installing-and-Configuring-Citrix-StoreFront-2-006

Open the Internet Information Services (IIS) Manager and open Server Certificates

Installing-and-Configuring-Citrix-StoreFront-2-007

On the right side of the window click Create Certificate Request

Installing-and-Configuring-Citrix-StoreFront-2-008

Fill in the requested information. By Common name fill in the StoreFront load balancer address, for this case I use “storefront.hobo.lan”.

Installing-and-Configuring-Citrix-StoreFront-2-009

Select Microsoft RSA SChannel Cryptographic Provider and a 2048 bit length.

Installing-and-Configuring-Citrix-StoreFront-2-010

Save the request to a text file and click Finish

Installing-and-Configuring-Citrix-StoreFront-2-011

Open Internet Explorer and browse to http://<your Certification Authority server/certsrv
Click on Request a certificate

Installing-and-Configuring-Citrix-StoreFront-2-012

Click on advanced certificate request

Installing-and-Configuring-Citrix-StoreFront-2-013

Click on Submit a certificate request by using a base-64-encoded CMC or PKCS #10 file, or submit a renewal request by using a base-64-encoded PKCS #7 file

Installing-and-Configuring-Citrix-StoreFront-2-014

Open the saved request file, select all text and copy the text into the Save Request field. Select Web Server as Certificate Template and click Submit

Installing-and-Configuring-Citrix-StoreFront-2-015

Select Base 64 encoded and click Download certificate to download the certificate file.

Installing-and-Configuring-Citrix-StoreFront-2-016

Go back to the Internet Information Services (IIS) Manager and click Complete Certificate Request

Installing-and-Configuring-Citrix-StoreFront-2-017

Browse to the certification file, enter a Friendly name, and select Personal as certificate store. Click OK

Installing-and-Configuring-Citrix-StoreFront-2-018

On the left side of the window, select Default Web Site, on the right side, click Bindings

Installing-and-Configuring-Citrix-StoreFront-2-019

Click Add

Installing-and-Configuring-Citrix-StoreFront-2-020

Select HTTPS as Type and select the StoreFront SSL certificate. Click OK

Installing-and-Configuring-Citrix-StoreFront-2-021

Click Close

Configuring Citrix StoreFront 2.0

In the next part I will setup the Store and configure the basic settings including adding the NetScaler, edit the authentication methods, configuring trusted domains and manage password options.

Installing-and-Configuring-Citrix-StoreFront-2-022

Open the StoreFront management console and click on Create a new deployment

Installing-and-Configuring-Citrix-StoreFront-2-023

The Base URL is filled in automatically, click Next

Installing-and-Configuring-Citrix-StoreFront-2-024

Enter a Store name (anything you like) and click Next

Installing-and-Configuring-Citrix-StoreFront-2-025

Click Add

Installing-and-Configuring-Citrix-StoreFront-2-026

Fill in the requested information about the Delivery Controller you want to add and click OK

Installing-and-Configuring-Citrix-StoreFront-2-027

If you want to add more Delivery Controllers click Add again, otherwise click Next

Installing-and-Configuring-Citrix-StoreFront-2-028

Now you can add the NetScaler Gateway. This step is optional, if you do not have a NetScaler configured in your environment you can select None. For this blog I will add my NetScaler, so I select Full VPN tunnel and click on Add

Installing-and-Configuring-Citrix-StoreFront-2-029

Fill in the requested information for the NetScaler. The NetScaler Gateway URL is “HTTPS://<domainname>/Citrx/<storename>Web”. The Subnet IP address is optional and can be left blank. Click Next

Installing-and-Configuring-Citrix-StoreFront-2-030

Click Add

Installing-and-Configuring-Citrix-StoreFront-2-031

Enter the STA of you Delivery controller and click OK

Installing-and-Configuring-Citrix-StoreFront-2-032

Click Create

Installing-and-Configuring-Citrix-StoreFront-2-033

Click Create

Installing-and-Configuring-Citrix-StoreFront-2-034

Click Finish

Installing-and-Configuring-Citrix-StoreFront-2-035

On the left side click Authentication, on the right side click Add/Remove Methods

Installing-and-Configuring-Citrix-StoreFront-2-036

Select what is applicable and click OK

Installing-and-Configuring-Citrix-StoreFront-2-037

Click on Configure Trusted Domains

Installing-and-Configuring-Citrix-StoreFront-2-038

When configuring a Trusted Domain, the user does not need to enter the domain name at logon. Configure what is applicable and click OK.

Installing-and-Configuring-Citrix-StoreFront-2-039

Click on Manage Password Options

Installing-and-Configuring-Citrix-StoreFront-2-040

Select what is applicable and click OK

 IIS Default site redirection

 In the Citrix StoreFront management console there is no option to set the StoreFront Receiver for Web URL to the server default website like the old Citrix Web Interface (WI). Without configuring Default site redirection, a user always needs to enter the full StoreFront Receiver for Web URL, including the “/Citrix/<storename>Web. A good way to configure this is within the Internet Information Services (IIS) Manager.

Installing-and-Configuring-Citrix-StoreFront-2-041

Open the Internet Information Services (IIS) Manager. On the left side browse to the Default Web Site. On the right side double click HTTP Redirect

Installing-and-Configuring-Citrix-StoreFront-2-042

Select Redirect requests to this destination and add your StoreFront Receiver for Web Site URL. Select Redirect all request to exact destination and Only redirect requests to content in this directory. Click Apply on the button in the top right corner.

Now when a user enters the default web site URL he will be redirected to the StoreFront Receiver for Web URL.

Enable the HTML5 HDX fallback receiver

This cool feature is now fully integrated within StoreFront 2.0, you only have to enable it within the StoreFront management console.

Installing-and-Configuring-Citrix-StoreFront-2-043

On the left side click on Receiver for Web, on the left side click on Deploy Citrix Receiver

Installing-and-Configuring-Citrix-StoreFront-2-044

Select Use Receiver for HTML5 if local install fails, this will first check if a local Receiver is available and if not, the webinterface will give the option to download and install it. If the installation fails or the users logs in without installing it, the webinterface falls back to the Receiver for HTML5.

 Or, select Always use Receiver for HTML5, now the web interface will always use Receiver for HTML5, it will not check for a local installed version and it will not give the option to download it at logon.

 Click OK

If you connect to the StoreFront webinterface trough the NetScaler these steps are enough to let the HTML5 receiver work. But if you connect local to the StoreFront webinterface you have to apply the following Citrix Computer Policies to your XenApp and/or XenDesktop servers first;

Installing-and-Configuring-Citrix-StoreFront-2-045

WebSockets Connections – Allowed
WebSockets port number – 8008 (default)
WebSockets trusted origin server list – *

When using Mozilla Firefox users must set network.websocket.allowInsecureFromHTTPS to True in the about:config

Installing-and-Configuring-Citrix-StoreFront-2-046

You can now logon to the Citrix StoreFront webinterface and start your published applications and desktops.

Installing-and-Configuring-Citrix-StoreFront-2-047

If the HTML5 Receiver is configured well, a Windows 8 Published desktop will open in a new browser tab as shown in the picture above, how cool is that? ;-)

Robin Hobo works as a Technical Consultant with main focus on Mobility and Application & Desktop delivery. He is specializes in Citrix, Microsoft and AppSense products.