Problems with Citrix Client on Linux?
February 29th, 2008
Updated March 25th
Everytime I install the Linux Citrix Client it seems like I run into problems with SSL-Certificates. The message usually sounds like this:
You have not chosen to trust “Thawte Server CA”, the issuer of the server’s security cerfiticate (SSL error 61).
You might have another company listet as issuer on your server.
Anyway, let’s fix it.
Run the following command as a superuser, also known as root:
cp /usr/share/ca-certificates/mozilla/* /usr/lib/ICAClient/keystore/cacerts/
That’s it!
This assumes that the ICA Client is installed in the default directory. Also you need to have Mozilla Firefox a package called ca-certificates installed since we are using its certificats.
Please leave a comment if you found this useful.
April 13th, 2008 at 00:12
I have done all of the above, but when I click on the icon for the Citrix Application I get:
Client Error: The SOCKS 5 handshake failed (SSL error 29).
Any suggestions?
April 14th, 2008 at 21:06
Im using debian 2.6.24-1-amd64, installed the ca-certificates and copied the line, but same error message still.
I assume the ca-certificates are missing something, any idee
April 21st, 2008 at 08:45
David: Strange, never seen that one. But I have only testet this on Ubuntu though. What distribution did you use?
May 6th, 2008 at 22:22
Thanks for the great tip…. after a day search on the internet to get my Citrix ICA working, I have put in the command as discribed and gues what… it works!!!!
You have not chosen to trust “equifax secure global ebusiness ac-1″ ssl error 61.
This is what I had all the time and without any luck I added certificates (entrust_ssl_ac.cer) but didn’t work eather… very frustrating but luckely found your website….
Thanks again for a this….great job !!!!!
Richard
(Linux mint 4.0)
Firefox 2.0.0.13
May 15th, 2008 at 06:19
I have been dealing with this same issue for about a month. I got to the point of giving up, but this article fixed my problem completely. I can now use Citrix on Ubuntu 8.04. Thanks.
May 18th, 2008 at 12:12
Just wanted to say – I’ve been looking for a simple solution to this problem a while – thanks!
June 10th, 2008 at 22:00
I tried your tip here on a Ubuntu 8.04, but did not work, I received a message:
“You have not chosen to trust “UTN-USERFirst-Hardware”, the issuer of the server’s security certificate (SSL error 61)”
More tips anyone?
June 11th, 2008 at 12:14
I have also followed the instructions on this site about installing the certificates etc. This has fixed my initial problem but now I get the SOCKS 5 handshake failed (SSL error 29) problem described by David Wright.
Does anyone else anywhere on the internet get this issue ????
I am running Ubuntu 7.04 and trying to connect to Citrix Presentation Server 4.5 via Secure Gateway using the Linux ICA client.
June 11th, 2008 at 18:37
@Andy:
This is probably because UTN-USERFirst-Hardware isn’t a big and trusted supplier of certificates. However you can visit this site http://www.usertrust.com/cacerts/ and download the appropriate certificate file and save it in the directory mentioned earlier. No guarantee though :)
June 11th, 2008 at 20:38
Thank you torh!
I downloaded the crt-file and saved it into the ICAClient/linuxx86/keystore/cacerts/ folder, now everything works! Thank you!
June 11th, 2008 at 20:51
@Andy: Glad to hear that it worked.
June 18th, 2008 at 16:16
[...] Problems with Citrix on Linux: http://blog.torh.net/2008/02/29/problems-with-citrix-client-on-linux/ [...]
July 14th, 2008 at 13:18
+1 for orignal post working… Ubuntu Hardy.
Thanks!!!
July 18th, 2008 at 05:17
Yes!!!! Your suggestion fixed my ssl error 61 problem!!! Thank you so much!!!
August 19th, 2008 at 23:13
Thank you very much, I finally have Citrix working!
August 25th, 2008 at 21:58
Thanks for great issue.
A strange thing is that couple months ago everything was working without magic cp string. I had successfully connected to my company server from Ubuntu 8.04 and PCLOS, but today on new Ubuntu installation the problem appeared.
It’s OK now.
August 27th, 2008 at 01:31
Hi
I am facing a problem while copying any text from Ubuntu(Linux Debian Flavour)application like open-office or any other text displaying or writing application to citrix client application, text formatting gone away like if i copy two different paragraphs to citrix it just concatenate the two paragraphs or remove all the blank lines from the text. If anybody having the solution plz help me.
September 1st, 2008 at 17:58
Thanks a lot …. It worked the first time (after many searches) .
I have xubuntu, xfce, mozilla.
September 4th, 2008 at 21:09
Thanx Thanx Thanx!!!!
I’ve had lot’s of problem getting this to work. I’ve googled myself through half of the web and I’ve found many different and complicated sollutions, wich never helped me. But this post solved the problem for me once and for all. So easy! thanx again
September 21st, 2008 at 10:20
Still doesn’t work for me. :(
September 21st, 2008 at 15:24
@Agneta: Hmm.. what does your error message say?
September 29th, 2008 at 21:50
Works just fine, thanks. One question though: when Citrix runs in seamless mode, I can’t find how to switch back and forth between Citrix window and local PC (Ubuntu 8.04). Any idea? Is there, like VirtualBox, a special key to use before using CTRL right/left arrow?
October 5th, 2008 at 05:15
Hi Tor,
Wondering if you can help me as well. I am trying to connect to my office remotely using a mac os x v10.4 via citrix ICA and get the following error message every time:
ssl error 29: the socks 5 handshake failed. Error number: 183
I have tried using both firefox v2.0 and safari v3.1 and the citrix blog is full of questions but short on solutions.
Thanks!
October 16th, 2008 at 07:24
Thanks a lot! This seems to be the only place on the web where you find this solution although I would imagine that the problem is common! I’m running Ubuntu 8.04.
January 6th, 2009 at 03:46
I consider myself pretty proficient at systems, but this had me stumped!!!!
Thanks for the post. Saw a lot of errors when I ran the command, but it works!!!!!!!!!!!!!
January 10th, 2009 at 03:00
[...] to http://blog.torh.net/2008/02/29/problems-with-citrix-client-on-linux/ for that [...]
March 11th, 2009 at 13:18
Bloody Marvelous -
As a company we have had no success it getting this to work – and I know of 3 people who have spent a lot of time following the copying of certificates etc etc
We are not worthy ……..
Thanks a lot
March 25th, 2009 at 09:47
@torh
Had the same problem as Andy, used same solution, got same result: worked.
on bended knee with tears of joy … I proclaim my gratitude!
April 1st, 2009 at 03:01
I don’t have a dir /ca-certificates/mozilla/*
I do have:
jss@suse11:/usr/lib/ICAClient/keystore/cacerts> ls
BTCTRoot.crt Class4PCA_G2_v2.crt Pcs3ss_v4.crt
Class3PCA_G2_v2.crt GTECTGlobalRoot.crt SecureServer.crt
When I connect via Citrix nothing happens when I launch an app. It asks to save the ica file then nothing.
Thoughts?
April 1st, 2009 at 19:55
Jeff:
If you get a question about saving the .ica file, the Citrix application is most likely not installed correctly.
Which web browser are you using?
April 2nd, 2009 at 03:17
Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.0.7)
April 2nd, 2009 at 03:45
Thanks a lot, good tip !!
THANKS AGAIN !!.
JP
April 27th, 2009 at 11:29
Thank you a lot. You fixed my issue. Everywhere else gave me a bum steer. You rock!
May 19th, 2009 at 01:32
Now I am running Jaunty Jackalope, and ver 11 of the ICA client, but I still get:
Client Error: The SOCKS 5 handshake failed (SSL error 29)