Securing Citrix Broker XML Service without IIS

So you want to secure the XML traffic going from StoreFront to your Controllers (Brokers)… I think that's a good decision!

In many enterprise level deployments I encounter the following are true:

  • They want to Secure XML – the transaction between StoreFront and the Controllers that contains user information. It's obscured over plaintext but SSL is always better!
  • They DO NOT have IIS installed on the Controllers (as in, no Director or StoreFront roles installed) to keep services isolated and lower the attack surface.