Linux citrix ssl error 61

Ubuntu 15.10 — Citrix Receiver — SSL error 61

The following Error occures when trying to use Citrix (access SAP Training via Citrix) on Ubuntu 15.10: Citrix Receiver
SSL error
Contact your helpdesk with th following inofrmation:
You have not chosen to trust «Symantec Class 3 Secure Server CA / G4», the issuer of ther server’s security certificate (SSL error 61). Citrix SSL Error Message I installed Citrix according the Tutorial How to install Citrix Receiver icaclient in Ubuntu 14.04 LTS 64-bit The installation completed without any errors. I also made sure that the certificates are there according to the CitrixXenAppPlugin — configure certificates: enter image description here Additionally I checked in Firefox if the certificates are known and even checked all marks (which where not checked before) (Under Settings -> Advanced -> Certificates): Firefox Certificate settings What am I missing?

3 Answers 3

OK thx to the hints from @sletarte here the solution:

  1. Place certificate to be trusted in /usr/local/share/ca-certificates
  2. Execute sudo update-ca-certificates
    You should see something line this:
    1 added, 0 removed; done. Running hooks in /etc/ca-certificates/update.d. Adding debian:SymantecClass3SecureServerCA-G4.pem
  3. Use Google Chrome instead of Firefox

I’m using Ubuntu 16.04.1, Firefox 50 and Citrix Receiver 13.4.

@thorsten-niehues solution didn’t work for me unfortunately.

To solve the problem, I had to copy the .crt file to /opt/Citrix/ICAClient/keystore/cacerts

I was then able to connect to Citrix with Firefox and with Chrome without any problem.

Источник

Citrix SSL Error 61 – “GlobalSign Root CA”

After a long period of not having issues with Citrix, this old chestnut popped up again.

You have not chosen to trust “GlobalSign Root CA”, the issuer of the server;s security certificate (SSL error 61)

ca01

I checked back and we had this one before way back in 2012. The problem is that the cert is not in the plugin directory that wfica uses. So the solution is to get it and put it in the correct place.

Читайте также:  Linux send signal to thread

At the time Firefox had removed the option to export certificates but fortunately it has bee restored.

Firefox F10 > Edit > Preferences > Advanced > Certificates > View Certificates

Scroll down and click on “GlobalSign Root CA” (under GlobalSign nv-sa), and then press Export.

ca02

ca03

Then copy it into the correct directory.

sudo cp ~/tmp/cert/GlobalSignRootCA.crt /opt/Citrix/ICAClient/keystore/cacerts/

8 Responses to Citrix SSL Error 61 – “GlobalSign Root CA”

Thanks very much for this fix. I had this immediately after downloading a new installation of Citrix Receiver via our company’s NetScaler.

Export GlobalSign CA root cert from Chrome 63 on Red Hat 7: Three dot in top right corner -> Settings -> Advanced (Bottom of the page) -> Manage certificates (in the “Privacy and security” section) -> Authorities (tab) -> expand “org-GlobalSign nv-sa” -> click the three dots next to “GlobalSign Root CA” and select “export” Step two: If you’re doing this to access some random-@#$ win32 executable that should have been replaced by some software from the current millenium, just get it over with right now and throw yourself out the window, trust me; it’s not going to get better! Also, thanks for the guide, it made a crappy situation slightly more bearable 🙂

Good tutorial, but I had to export GlobalSignRootCA-R3 and not GlobalSignRootCA to make it work on my linux debian 10. Be sure that the cert is readable for any user too.

Ubuntu 19.10 here. Helped a lot. Thank you very much.
I had to deal with “readable for any user” as john mentioned. I used sudo chmod a+r *.crt (from the /opt/Citrix/ICAClient/keystore/cacerts/ directory).
BTW: I copied all GlobalSign related certificates (approx. 13 of them) from the latest Firefox, so I can’t confirm the GlobalSignRootCA-R3 vs GlobalSignRootCA thing.

Читайте также:  Прервать процесс в линукс

Ubuntu 19.10 here. Helped a lot. Thank you very much.
I had to deal with “readable for any user” as john mentioned. I used sudo chmod a+r *.crt (from the /opt/Citrix/ICAClient/keystore/cacerts/ directory).
BTW: I copied all GlobalSign related certificates (approx. 13 of them) from the latest Firefox, so I can’t confirm the GlobalSignRootCA-R3 vs GlobalSignRootCA thing.

That’s really helpful, thanks for posting that. My usecase is:
Citrix Workspace 1912
Pop_OS 19.10 (Ubuntu based) Solutions did the same as the guys above:
1. Exported all GlobalSign related certs from Firefox
2. Then copied them all in the directory /opt/Citrix/ICAClient/keystore/cacerts
3. And then did ‘cd /opt/Citrix/ICAClient/keystore/cacerts && sudo chmod a+r *.crt’

Thank you, this also helped me solve my problem with Citrix Workspace on Ubuntu 20.04. It worked without a hitch after exporting the GlobalSign certificates from my browser and cp them to ‘/opt/Citrix/ICAClient/keystore/cacerts’.

Ubuntu 18.04.5, icaclient_13.8 here. I had to convert the .crt to .pem like so: openssl x509 -in GlobalSignRootCA.crt -out GlobalSignRootCA.pem but then it worked.

Источник

Thread: Citrix and SSL Error 61

halfhearted is offlineA Carafe of Ubuntu

Citrix and SSL Error 61

I’m using Ubuntu 12.04 LTS (32bit) and the latest Linux version of Citrix Receiver. Whenever I try to connect to my work network through Citrix I get the error message below. As far as I can see it’s not true, I *am* trusting the issuer of the server’s security certificate. This error message, (with different issuers) is frequently mentioned on the net but I cannot get any of the many many solutions to work in my case. Any advice would be gratefully received.

SSL error : Contact your help desk with the following information: You have not chosen to trust «/C=US/ST=/L=/O=The Go Daddy Group, Inc./OU=Go Daddy Class 2 Certification Authority/CN=», the issuer of the server’s security certificate (SSL error 61).

Читайте также:  Linux black screen fix

damage84 is offlineFirst Cup of Ubuntu

Re: Citrix and SSL Error 61

QuoteOriginally Posted by halfhearted View Post

I’m using Ubuntu 12.04 LTS (32bit) and the latest Linux version of Citrix Receiver. Whenever I try to connect to my work network through Citrix I get the error message below. As far as I can see it’s not true, I *am* trusting the issuer of the server’s security certificate. This error message, (with different issuers) is frequently mentioned on the net but I cannot get any of the many many solutions to work in my case. Any advice would be gratefully received.

SSL error : Contact your help desk with the following information: You have not chosen to trust «/C=US/ST=/L=/O=The Go Daddy Group, Inc./OU=Go Daddy Class 2 Certification Authority/CN=», the issuer of the server’s security certificate (SSL error 61).

This is actually straight from Ubuntu’s Citrix help page:

To prevent the following error when accessing remote sessions:

Citrix Receiver
SSL error
Contact your help desk with the following information:
You have not chosen to trust»/C=US/ST=/L=/O=Equifax/OU=Equifax Secure Certificate Authority/CN=», the issuer of the server’s security certificate ((SSL error 61).

Make Firefox’s certificates accessible to Citrix, e.g.,

sudo ln -s /usr/share/ca-certificates/mozilla/* /opt/Citrix/ICAClient/keystore/cacerts

Источник

Оцените статью
Adblock
detector