Citrix states in their article: CTX154004

CTX154004 - Error: (Received Bad Public Key Certificate for (IP Address) from Form) after Using the Online Registration

This document was published at: http://support.citrix.com/kb/entry.jspa?externalID=CTX154004

Document ID: CTX154004, Created on: Jun 22, 2001, Updated: Apr 23, 2003

Products: Citrix Extranet 2.0

After using the online registration, users receive the error message.
WARNING! Using Registry Editor incorrectly can cause serious problems that may require you to reinstall your operating system. Citrix cannot guarantee that problems resulting from the incorrect use of Registry Editor can be solved. Use Registry Editor at your own risk.

For information about how to edit the registry, view the "Changing Keys and Values" Help topic in Registry Editor (Regedit.exe) or the "Add and Delete Information in the Registry" and "Edit Registry Data" Help topics in Regedt32.exe. Make sure you back up the registry before you edit it. If you are running Windows NT, also update your Emergency Repair Disk (ERD).

Background Information

This error has occurred while using Vladmin.exe to add user accounts. When Vladmin checks to ensure that the current hostname matches the licensed hostname, it does so in the following manner:

It gets the first part of the hostname (that is, extranet) from the following registry entry:

HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersHostname

Then it looks for the second part of the hostmane in two places:

First: HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersDomain
Then: HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersDhcpDomain

It appends these two parts to create the FQDN, which must match the contents of sgc.ini as it existed during license activation. If both "Domain" and "DhcpDomain" are blank, only the hostname is returned.

Troubleshooting

Ensure that the following registry values are set:

HKEY_LOCAL._MACHINESYSTEMCurrentControlSetServicesTcpipParametersHostname = extranet
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersDomain =

If these values are set correctly, test the *.cer and *.pub keys in extranet.

To test the existing license on the Extranet server, perform the following steps:

1. Copy your *.prv, *.pub, and *.cer to the Extranet server directory.

2. On the command line, change directories to the Extranet server and run testkey . This produces an okay for the *.pub file.

3. On the command line, run testkey2 . This produces an okay and certificate verified.

If neither is produced, try adding a user manually using the Extranet server.

Adding a User to the Extranet Server

1. Open Extranet server and select the User tab.

2. Click Add and enter the user information.

3. Copy the authentication key (*remember this is case sensitive).

Adding a User to the Client

1. Go to the client system and open the Extranet client.

2. Proceed to View "Vone Token Settings," select key information, then enter using the access code.

3. Click Add.

4. Enter your information in the following fields:

A. Keyname: equals any name you desire
B. User name: your name
C. Server name (or IP address): the address to which you OLR to
D. Key material: authentication key you made note of

NOTE: You cannot copy and paste from one to the other.

5. Make a connection to a server.

This allows you to make a connection using Extranet. If not, run the genkey program to generate new keys, then reset the serial number to get a new cer file. Change Reginfo.dat (or Config OLR in Admin GUI) and add the new keyname.