A lot of new users used my script after writing my first blog article for Citrix. Since then I made some improvements and continuing to add new features.
Today I released the latest version of my “GenLeCertForNS” script. Within this version I solved some issues and improved the overall speed (especially with larger orders).
- FIXED: “ERROR: Could not create the order.”; While testing (thanks to Roger, Julian, Erik and Andrew) we saw that updating the script wasn’t always the complete solution. Specifying the parameter “-CleanPoshACMEStorage” after updating the script helped fixing this issue completely. This will cleanup the %LOCALAPPDATA%\Posh-ACME directory.
- CHANGED: Removed the verbose logging; I didn’t liked the output to screen. Therefore I added a logging function to write everything to a log file. Resulting in a cleaner output to the screen. Specifying the “-Verbose” option has no particular use anymore.
- CHANGED: Overall speed; Changed internal process of configuring the Citrix ADC thus improving the speed.
- NEW: Version check to notify you if there is a new (dev) version available:
Sometimes I get the question, which name must I specify with the “-NSCertNameToUpdate” parameter?
The name you need to specify is the name you entered when adding the certificate for the first time “Certificate-Key Pair Name“, now you can reuse this name by updating this object. By updating this certificate you don’t have to change the binding on each VIP.
Get the new version
Get the new version here: v2.6.3
I’m still developing the script to add new features an improve it. If you experience issues let me know, you can also check the dev channel and verify if you still experience it.
The upcoming features currently in dev (v2.7.x):
- NEW: Email functionality; The option to send a mail after the script is finished. Activated by specifying the “-SendMail” parameter and the following are also required: “-SMTPTo, -SMTPFrom, SMTPServer and optionally if required -SMTPCredential“
- IMPROVED: “-NSCertNameToUpdate”; In previous versions you could only specify this parameter if you had an existing certificate you wanted to update. With newer version you can specify this parameter. If the certificate name doesn’t yet exists it will be created.