Every now and then it’s necessary to actually look into a SSL stream between client and NetScaler to inspect what’s actually happening. I struggled with this topic quite a bit, and documentation (eg. From Citrix) is not always complete. I will not pretend this document covers all, but I had some good successes decrypting traces with the following procedure. If you have any additions please let me know, and I will be happy to add them to this post.