NetScaler 12.0 with SSL A+ and HTTP2 Support

Please refer to the steps below on how to enable XenApp/XenDesktop with NetScaler 12.0 with SSL A+ and HTTP2 support

login to NetScaler via CLI and look for VPN vServer configured

   add vpn vserver **_XD_172.16.1.10_443** SSL 443 

Replace the vServer with VPN vServer and harden it by following the link below

You should get the A+ Score for your XenApp / XenDesktop now

Enable HTTP2
Find the HTTP profile name that associate with the VPN vserver

show VPN vserver
1)      _XD_172.16.1.10_443 ( - SSL     Type: CONTENT
        State: UP
        Down state flush: ENABLED
        Loginonce: OFF
        Disable Primary Vserver On Down : DISABLED
        TCP profile name: nstcp_default_XA_XD_profile
        HTTP profile name: nshttp_default_strict_validation
        Appflow logging: ENABLED
        Authentication : ON
        DeploymentType : ICA_STOREFRONT
        Device Certificate Check: OFF
        CGInfra Homepage Redirect : ENABLED
        Current AAA Sessions: 0
        Total Connected Users: 0
        Icaonlylicense : OFF    IcaProxySessionMigration : OFF
        DoubleHop : DISABLED    Dtls : ON       L2Conn: OFF
        Max Login Attempts: 0    Failed Login Timeout 0
        Fully qualified domain name:
        Listen Policy: NONE
        IcmpResponse: PASSIVE
        RHIstate:  PASSIVE
        Traffic Domain: 0

Enable HTTP2, Direct HTTP/2 and Direct HTTP/2 using Alternative Service with the following command

set ns httpProfile nshttp_default_strict_validation -http2 ENABLED -http2Direct ENABLED -altsvc ENABLED

Verify the HTTP2 is enabled via


Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top