Mixed Content warnings when using SSL Offloading? Use the NetScaler Rewrite Policies…

Citrix NetScaler is one of the most advanced and impressive products that I used throughout the past 5 years. Started with the configuration of the NetScaler Access Gateway, and ended up with all the advanced features, such as URL Rewrite, Content Switching (CSW), Global Server Load Balancing (GSLB) and URL transformations.

(I’m also advice you to take a look at GSLB, I’ll already covered this feature earlier in a CUCG User Share Webinar, together with Fellow NSIG leaders Dave Brett and Carsten Bruns).

When u setup the following scenario… SSL Offloading and the Web Application and / or service requires the transformation of the internal HTTP Protocol to a Secure HTTPS connection on the outside and experience problems with the URL transformation. For example, the application doesn’t show the right redirections, and it still places http:// in front of some of the links. To solve this problem, you’ll need to active Rewrite Actions, which will translate all the SSL Offloading HTTPS requests back to HTTP in the header. At this moment, the Web Application will know his way and will proceed working properly.

In this article, I’ll show you how you can configure URL Rewrite / Responder Policies to make sure that your Web Application continues working after activating SSL Offloading, when the back-end is listening on the HTTP Protocol.



Errors without URL Rewrite activated

The following error can return, when u activated SSL Offloading without using URL Rewrite policies…

And the following errors can return in the Developer Tools

Solve this Mixed Content error by proceeding the steps below.

URL Rewrite configuration steps

Perform the following steps to use the rewrite feature to replace occurrences of http:// with https:// in the body of an HTTP response. At this way, the protocol transformation steps will be translated

Step 1: Create a Rewrite Action through the following command

Step 2: Aanmaken van rewrite policy

Step 3: Bind the new Rewrite policy to the Virtual Server of the Web Application Server – as Response Rewrite Policy.

Note: Check the following Citrix Docs article for all the other Policies and Expressions possibilities that are available for NetScaler. https://docs.citrix.com/en-us/netscaler/11/appexpert/policies-and-expressions/ns-pi-summ-exmp-adv-expr-pol-wrapper-con.html

That’s it, I’ll hope this helps to solve your problem.


Christiaan Brinkhoff


Christiaan Brinkhoff

Christiaan Brinkhoff

Christiaan Brinkhoff works as Cloud Architect and Technology Evangelist for the Windows Virtual Desktop (WVD) and FSLogix team within Microsoft (ExtOps) and is the owner of christiaanbrinkhoff.com IT Consulting. In addition to his work, he shares his passion for Cloud innovation by speaking at large international conferences, writing articles for vendors and external community programs, such as VDILIKEAPRO, WhatMatrix, as well as on his website. This community-related work got him the privilege to achieve the following three - Microsoft Valuable Professional (MVP) for Microsoft Azure, Citrix Technology Professional (CTP), VMware vExpert - vendor awards. There are currently only five people in the world that have all these titles combined.
Christiaan Brinkhoff