If the Citrix XML service is changed and your applications can be accessed externally using the Citrix Secure Gateway, you may receive the following message when using the Secure Gateway to launch applications:

The Citrix SSL server you have selected is not accepting connections.

In our example, the Secure Gateway resides in a DMZ and an administrator changes the XML service from 80 to 8080. The admin also runs the Secure Gateway Configuration Wizard to set the STA TCP Port to 8080 and changed the internal firewall rule to allow Port 8080 from the Secure Gateway to the Citrix servers.

Everything looked great until an application was launched, leading to the message above.

Unfortunately, the admin forgot to change the STA URL as seen in the Citrix Access Management Console for the Web Interface. To change this setting:

1. Launch the Citrix Access Management console
2. Highlight the Secure Gateway’s Web Interface page
3. Under Common Tasks, click Manage secure client access
4. Select Edit Gateway Settings
5. Change the STA URL

Since the XML port changed from 80 to 8080, change the STA URL from http://citrixserver/scripts/ctxsta.dll to http://citrixserver:8080/scripts/ctxsta.dll

6. Save the change and test applications. Users should be much more productive now that their applications work.