Citrix receiver ssl connection couldn't be established
Solution 1
To resolve this issue, you can refer to the following links:
Secure - Citrix Product Documentation
How to convert .crt to .pem - Stack Overflow
I can get the receiver application to trust the server's certificate by the following steps:
- Export server certificate from the web browser. The certificate is exported in the file extension
.crt. You may also find them in/usr/share/ca-certificates/mozilla/* -
Convert the crt file to a pem file by the following command:
openssl x509 -in mycert.crt -out mycert.pem -outform PEMwhere
mycert.crtis the exported certificate. -
Copy the pem file to
$ICAROOT/keystore/cacertsNormally
$ICAROOT=/opt/Citrix/ICAClient Rehash the certificate by the following command: $ICAROOT/util/ctx_rehash
- Reopen Citrix Receiver. It should trust the certificate now.
Solution 2
Revert to Citrix Receiver (v13.4)
And then follow the steps from Chin-Chang Yang above..
Refer this link!
Wallace44
Updated on September 18, 2022Comments
-
Wallace44 over 1 year
I'm having some troubles getting citrix receiver (client agent, not web) working on ubuntu 16.04.1 LTS.
After initial install, I added Firefox' CA Certs to the cacerts folder in /opt/Citrix/ICAClient/keystore by using a symbolic link, followed by a rehash of the certs;
sudo ln -s /usr/share/ca-certificates/mozilla/* /opt/Citrix/ICAClient/keystore/cacerts/ sudo c_rehash /opt/Citrix/ICAClient/keystore/cacerts/This got citrix working if I go via the web browser. Apps launch and everything is A-OK.
I can't for the life of me get the receiver application to work though. When i try and add my company's store the client, it fails instantly with:
Your account cannot be added using this server address. An SSL connection to the server couldn't be established because the server's certificate was not trusted.The certificate we are using for Storefront (served via Citrix Netscaler gateway) is a wildcard issued by GoDaddy. Does anyone know whether or not I need to add this certificate in somewhere so Citrix Receiver client will work?
Any help would be greatly appreciated.
Cheers.
-
laplasz over 5 yearsthx, Citrix sucks - I always had issues with new versions - going back to 13.4 solved those ones
-
Zack about 5 yearsA note if the solution above doesn't work right away: I had to export and add every single certificate in the certificate chain before getting the receiver to work. In my case that was: 1.
GoDaddyRoot...certificate, 2.GoDaddySecure...certificate, 3. my organization's certificate -
Brian Jorden about 5 yearsThanks Zack, that was my EXACT situation as well and these two suggestions combined resolved my issue. The specifics of those certs and the timing make me wonder if you are the Zack I've met at SA. Thanks for adding this comment either way.
