Over a couple of months, I deployed Citrix Web Studio, and the first thing many customers opted for was to set up Citrix Web Studio to load and balance the Web Studio servers. The process isn’t complicated, but I wanted to create a quick blog to outline some things you may notice now. This blog aims to help you with the configuration and to reduce the error you will get while load balancing Citrix Web Studio. While this isn’t a blog on how to set up Web Studio, Citrix has a great resource I will share at the end of the quick blog.

NetScaler Load balance setup

1. The first thing is to add Web Studio Servers into the NetScaler
   1. add server DDC04_Director0410.100.1.4
   1. add server DDC03_Director0310.100.1.9

2. Next, Add LB monitors

a) add lb monitor WebStudio HTTP -respCode 200 -httpRequest “HEAD /citrix/studio/” -LRTM DISABLED -secure YES -sslProfile ns_default_ssl_profile_backend

3. Add the Service Group

a) CLI examples

• add serviceGroup WebStudio_svc_grp SSL -maxClient 0 -maxReq 0 -cip DISABLED -usip NO -useproxyport YES -cltTimeout 180 -svrTimeout 360 -CKA NO -TCPB NO -CMP NO
• bind serviceGroup WebStudio_svc_grp DDC04_Director04 443 -state DISABLED
• bind serviceGroup WebStudio_svc_grp DDC03_Director03 443
• bind serviceGroup WebStudio_svc_grp -monitorName WebStudio
• set ssl serviceGroup WebStudio_svc_grp -ssl3 DISABLED -tls1 DISABLED -tls11 DISABLED
• unbind ssl serviceGroup WebStudio_svc_grp -cipherName DEFAULT
• bind ssl serviceGroup WebStudio_svc_grp -cipherName SECURE
• bind ssl serviceGroup WebStudio_svc_grp -certkeyName LabSSLCert

b) GUI examples

4. Create the Load Balancing

a) CLI examples

• add lb vserver CTX_WebStudio_vServer SSL 10.100.1.170 443 -persistenceType COOKIEINSERT -cookieName WebStudio_2311 -cltTimeout 180
• bind lb vserver CTX_WebStudio_vServer WebStudio_svc_grp
• bind lb vserver CTX_WebStudio_vServer -policyName pol_webstudio_rw -priority 100 -gotoPriorityExpression END -type REQUEST Traffic> ManagementLoad> BalancingVirtual >Servers

b) GUI Examples

• Click Add and start inputting the desired information

• Add the Server group and SSL cert for offloading, and Configure SSL Ciphers if you want things tighter around security.

• Server Group

• Updated: Ensure the settings above with the following on the client IP header

• To get the monitor, I opened developer tools to get an idea of how the page is rendered. This allowed me to get a base of what to monitor, even if one of the Web Studio servers went down.

• Initially, I had the Monitor set to GET, but after researching this further, I switched it to HEAD.
• I believe it will cache, and HEAD doesn’t download all the data and does the same check without a cache.

• Add the DNS Name for the LBVS VIP, so you can hit the DNS name of the LB of Web Studio

Redirect the URL

Here are some options to redirect the URL to the full path, so that Admins don’t need to worry about typing the full path.

1. Way 1

• http to https
• http://webstudio.lab.local/ > https://webstudio.lab.local/citrix/studio/login
• But this only works if I type in http and not https. So, I need to rewrite or respond. For https to the full path in my configuration, here.

2. Way 2

• URL rewrite to path https://webstudio.lab.local
• add rewrite action act_webstudio_rw replace HTTP.REQ.URL “\”/Citrix/Studio/Login\””
• add rewrite policy pol_webstudio_rw “HTTP.REQ.URL.EQ(\”/\”)” act_webstudio_rw

Add Delivery Controllers to Web Studio for management.

1. When deploying Citrix Web Studio, you probably will have more than one server; if you don’t, then evaluate your thought process and take the time to add another one here. The docs state, “Use the Studio configuration tool to add the Delivery Controllers to Web Studio for management. This tool is available in the Web Studio installation folder.” Adding the Delivery controls here will update the mainfest file”

• As an example, in my lab.
• .\StudioConfig.exe –server “ddc103.lab.local,ddc04.slab.local”

• What this does is update the manifest file here in the following location. “C:\Program Files\Citrix\Web Studio\Site\assets\json”

Load Balancing Testing

2. At this time, I tried hitting the LB DNS Name and could not sign into Studio. I get the following issues most of the time, and I was not sure why. I found that you need to update a JSON file ( Manifest file) that allows the Web Studio DNS name to proxy for the delivery controllers.

3. Note: I was also told that you could do a rewrite if you do not want to update the manifest file. You can, most certainly, set a rewrite action with the NetScaler. If you choose to do this, use the information below as a starting point.

• add rewrite action RWA_Webstudio_Proxy_FQDN replace q/HTTP.RES.BODY(10000).AFTER_STR(“proxy\”: \””).BEFORE_STR(“\”,”)/ “\”webstudio.domain.local\””

• add rewrite policy RWP_Webstudio_Proxy_FQDN “HTTP.REQ.URL.PATH.TO_LOWER.EQ(\”/citrix/studio/assets/json/manifest.json\”)” RWA_Webstudio_Proxy_FQDN

4. I then proceeded to test each DDC. It’s off-topic, but it shows Tech Preview. Something is left over here. But no Biggy. I just noted it here, just in case you see it.

5. I took a backup of the manifest file and proceeded to modify it to fit what I needed.

6. My first attempt was to try the PowerShell StudioConfig.exe tool.

https://docs.citrix.com/en-us/citrix-virtual-apps-desktops/2311/install-configure/install-core/install-web-studio.html#add-delivery-controllers-to-web-studio-for-management

7. Test 1: Updated via PowerShell one-liner “StudioConfig.exe tool” = Failed

• I tried hitting the Web Studio page again and got the same error. I looked at the manifest file and thought it would update the proxy part inside the manifest file Proxy section in between the “quotes” adding “webstudio.lab.local”. However, it was still blank, and I noticed it would only update the orchServerList. Next, I proceeded to update it manually.

8. Test 2: Manual updated Proxy section to DNS name of LBVS = Pass

• I manually edited the sections below. I also did this for both Delivery Controllers to ensure these are alike. In this case, it is the same server as my DDCs.

9. Test 3: proxy URL validation

• I cleared the cache and tested it in private mode for my next phase. I also tested this on different desktops. I believe that was needed in the file, as my error had disappeared.

10. Test 4: I needed to be sure that was what fixed it. I then returned the original File to ensure it would break again and proceeded to test accordingly. Both Delivery Controllers were returned to this, representing the original manifest file.

11. As soon as I did an IISRESET on both of the Delivery Controllers, I could confirm right away that it did, in fact, break. I moved on to hit each URL one at a time here and then the DNS name to ensure that I was getting it in a consistent state.

12. Test 5: Put the modified file (Proxy URL) back into place = Pass

• I then put the proxy back into place. (I am not using a proxy, but it seems the NS is treated like one from a Web Studio aspect)

• Next, I tested it on three machines to ensure the LB DNS name does not get the error again. Note: I used my server browser and my local PC.

That concludes setting up Web Studio with a NetScaler Load balancing vServer. I also followed up with the folks at Citrix about this, and they are confirming the details here.

Also if needed, you can prefill the domain name here if desired.

How to pre-populate domain name in Citrix Web Studio logon page

Note: 2311 + Changed this, and the doc above was modified accordingly.

• C:\Program Files\Citrix\Web Studio\Site
• File: projects_mainapp_src_bootstrap_ts.46e9935ed0f6878f.js
• Seach this.domain=””
• Only edit this line or section on both servers.