Error: “HTTP/1.1 Internal Server Error 43554” When Logging on to NetScaler Gateway

Error 43554 usually means that NetScaler cannot resolve the FQDN of the StoreFront server or Web Interface server that is configured in the Web Interface Address field on the Published Applications tab in the NetScaler Gateway Session Profile.

If you have multiple NetScaler Gateway Session Policies pointing to different StoreFront or Web Interface addresses, then make sure you know which Session Policy is being applied to the session. From the NetScaler CLI, you can use one of the following commands to see the applied policy:

• For Session Policies using Classic Expressions, run:
  nsconmsg -d current -g pol_hits
• For Session Policies using Default Expressions (available in NetScaler 12 and newer), run:
  nsconmsg -d current -g pcb_hits

Examine the Session Profile for the Session Policy that is hit, to identify the FQDN of the Web Interface or StoreFront server in the Web Interface Address field on the Published Applications tab.

1. Make sure the hostname portion of the URL is a Fully Qualified Domain Name (FQDN), and not a single label name. NetScaler can resolve FQDNs, but not short names.
2. Check the URL for any typo.
3. Copy the FQDN and try to ping it from the NetScaler CLI. If ping doesn’t show an IP address, then you’ll need to fix DNS resolution on the NetScaler.
4. Alternatively, change the host name portion of the URL from FQDN to IP address. For example:
   Old value: http://<StoreFront_FQDN>/Citrix/<storename>Web
   New value: http://<StoreFront_LB_VIP>/Citrix/<storename>Web

Note: This issue not caused by the browser or end-user. Here we see the above-mentioned error in the browser however the decrypted capture will show an HTTP 500 error code.