1

So I'm configuring a new Citrix gateway to provide external access for one of our clients, and they're complaining about a dual cache-control entry, basically like this:

Cache-Control: "no-cache, no-store, must-revalidate"

Cache-Control: "no-cache"

Now I don't really know whether that is acceptable or not, but I also don't know where the 2nd header is coming from as I only have one cache-control action/policy configured in this gateway. Some other things I'm noticing is that, when running a SSL test (Qualys') results say that I don't have STS and Content-Security configured, yet I do have policies for those headers binded to my VS: Bindings These are the actions: Actions

And I did notice that there are no hits for most of these policies for some reason: hits

Is there anything wrong with my config?

Thanks and Regards

PabloSL
  • 11
  • 1

2 Answers2

0

Regarding the cache you will need to run a network trace on the Netscaler (set size to 0 and capture ssl keys) and you will have to observe where the Header comes from.

For the no hits try binding a policy of NOCACHE (expression true) with priority 1 to the cache policies on the vserver. then flush the cache of the Netscaler and try again. I dont know your setup but this might also fix the Cache-Control Header if the Netscaler is the one doing it.

virgula24
  • 523
  • 5
  • 23
0

just adding a small but essential setting.

enableStaticPageCaching for authentication and vpn portal web pages

https://developer-docs.citrix.com/projects/netscaler-command-reference/en/12.0/aaa/aaa-parameter/aaa-parameter/

KaiT
  • 156
  • 2