Citrix Receiver Ssl Error 61

Citrix Receiver Ssl Error 61 Linux

Important! This article is intended for use by System Administrators. If you are experiencing this issue and you are not a System Administrator, contact your organization’s Help Desk for assistance and refer them to this article.

Update to the Latest Receiver Version

Upgrade to the latest version of Receiver to verify if this resolves the issue.
If you are using SHA2 certificates then the older version of Receiver does not support these certificate. Refer to CTX200114 – Citrix Receiver Support for SHA-2 to view the Receiver versions which supports SHA-2 certificates.

If this does not resolve the issue then proceed to the next section.

Jul 21, 2014 3) Choose the cert in the list (in our case “thawte ssl ca”) 4) Click on edit trust 5) Tick this certificate can identify website and software maker (tick 1 and 3) 6) Validate and close every menu. 7) To be safe, restart firefox, citrix can run now.
Long version; Go to your company’s Citrix site and click the green HTTPS lock on the left side of the address bar. Click on “More info” as long as you need to get to see the certificate (s) that your Citrix site uses. Export all certificates (Root CA, Intermediate CA and your server’s certificate) to a temporary directory.

For information on Receiver feature updates refer to – Citrix Receiver Feature Matrix.

Jun 26, 2020 Ive been using Citrix on Windows 7, it worked fine, but now Im using Windows 10. After I installed the OS, I installed Citrix Receiver and Citrix Workspace but I cant launch citrix applications. My company (Activlan) had to renew our certificate installed on our Citrix Secure Gateway 3.1.3. As you might know, Citrix has issued some virtual appliance and I had to chose between, Citrix Access Gateway 4.6.2 VPX and Netscaller VPX Express. My choice was to integrate a Citrix Access Gateway (CAG) mainly because we are using other product. I finally found the issue after researching the forums of Citrix and other various sites. This issue is the cert itself, we purchased a cert and uses SHA2, however the Linux Citrix Receiver does not support SHA2 at this point. So the only resolution is to either Re-Key the cert to use SHA1 or wait for an update from Citrix.

Missing Root/Intermediate Certificate

This error message suggests that the client device does not have the required root certificate/intermediate certificate to establish trust with the certificate authority who issued the server certificate.

Use a root certificate

If you need to authenticate a server certificate that was issued by a certificate authority and is not yet trusted by the user device, follow these instructions before adding a StoreFront store.

Obtain the root certificate in PEM format.
Tip: If you cannot find a certificate in this format, use the openssl utility to convert a certificate in CRT format to a .pem file.
As the user who installed the package (usually root):
1. Copy the file to $ICAROOT/keystore/cacerts.
2. Run the following command:

Use an intermediate certificate

If your StoreFront server is not able to provide the intermediate certificates that match the certificate it is using, or you need to install intermediate certificates to support smart card users, follow these steps before adding a StoreFront store.

Obtain the intermediate certificate(s) separately in PEM format.
Tip: If you cannot find a certificate in this format, use the openssl utility to convert a certificate in CRT format to a .pem file.
As the user who installed the package (usually root):
1. Copy the file(s) to $ICAROOT/keystore/intcerts.
2. Run the following command as the user who installed the package:

No Related Posts

I recently installed ICA client for Linux from RPM. Version is 19.12.0.19. I copied GoDaddyRootCertificateAuthority-G2.crt to /opt/Citrix/ICAClient/keystore/cacerts/ and ran /opt/Citrix/ICAClient/util/ctx_rehash.

When that didn't seem to work, I copied GoDaddySecureCertificateAuthority-G2.crt to /opt/Citrix/ICAClient/keystore/intcerts/ and ran the rehash utility again. I still get the dreaded SSL error 61.

Frankly, I am not sure what to make of this. I can connect and login to Xen using a browser but the ICA client cannot start a program. Can this be fixed? I have other pathways into the corporate network so using Citrix is not really necessary but it would be nice to have the option.