Citrix Receiver on Linux: SSL Error 61 (“You have not chosen to trust”)

Important:
If you don’t know or understand certificates / root and intermediate certificate authorities, get someone who understands to follow below instructions.

I tried connecting to the company’s citrix server, but kept hitting the same error when I tried to open the connection:

Contact your help desk with the following information:
You have not chosen to trust "INSERT YOUR CA HERE", 
the issuer of the server's security certificate (SSL Error 61)

It seems that Citrix has an alternate directory where it stores it’s trusted cert’s / certificate authorities. Even though you can see that the server’s certificate is trusted (by root CA’s) via a web browser, we need to copy those to the correct directory.

In short: Copy the root and intermediate CA’s to this directory: /opt/Citrix/ICAClient/keystore/cacerts

Long version;

  1. Go to your company’s Citrix site and click the green HTTPS lock on the left side of the address bar.
  2. Click on “More info” as long as you need to get to see the certificate(s) that your Citrix site uses
  3. Export all certificates (Root CA, Intermediate CA and your server’s certificate) to a temporary directory
  4. Use the sudo command to copy these certificates to /opt/Citrix/ICAClient/keystore/cacerts
  5. Open the citrix connection and bask in the glory of your company’s terminal server.
Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s