Jump to content
Welcome to our new Citrix community!
  • 0

ubuntu - untrusted cert error when entering server address


Mark Devine1709161768

Question

I installed the citrix workspace app on my lenovo laptop with ubuntu installed. When I add my work server address I get an untrusted cert error. I can browse to the address successfully but I can't get there through the app. I got the certs required and added them to /opt/Citrix/ICAClient/keystore/cacerts and then executed command /opt/Citrix/ICAClient/util/ctx_rehash as per https://support.citrix.com/article/CTX231524 but this did not work. I also followed all on https://docs.citrix.com/en-us/citrix-workspace-app-for-linux/system-requirements.html but nothing worked. I also installed the certs into /usr/local/share/ca-certificates/ as per https://askubuntu.com/questions/645818/how-to-install-certificates-for-command-line but that didnt work either. Each time I get an error about untrusted cert. I verified that the permissions on the cert was 600 with the enclosing dir being 700. At the point of adding the server address you have no logging option so I cant see where citrix is looking.

Any help would be much appreciated as I've run out of ideas

Link to comment

1 answer to this question

Recommended Posts

  • 0

Hi

 

Verify your OS has the required certificates installed (Firefox has its own certificate store).

openssl s_client -connect storefront-or-gateway.example.com:443

Hit ctrl+c and do the following *if* openssl returned ok. Type the commands and use tab completion to make sure that these paths exist on your system.

# rename the cacerts directory
sudo mv /opt/Citrix/ICAClient/keystore/cacerts /opt/Citrix/ICAClient/keystore/cacerts.bak

# create the cacerts directory
sudo mkdir /opt/Citrix/ICAClient/keystore/cacerts

# create links to the system certificates in the cacerts directory
sudo ln -s /etc/ssl/certs/* /opt/Citrix/ICAClient/keystore/cacerts/

# list the content of the cacerts directory
ls /opt/Citrix/ICAClient/keystore/cacerts/

Now try connecting to your storefront-or-gateway.example.com.

 

If you're not sure if a previous attempt may have done something that affects this, just uninstall workspace app (make sure /opt/Citrix/ICAClient is removed) and reinstall. Your Citrix user config resides in ~/.ICAClient. You might want to rename or delete that directory as well to start fresh.

Link to comment

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...