Tag Archives: citrix

Citrix Receiver on Linux

I’ve written about this issue before, in 2008. But as it turns out, the problem still exists with todays version of the Citrix client, version 12.0, now called Citrix Receiver. And people are still searching for an answer on how to solve this issue.

You have not chosen to trust [certificate] the issuer of the server’s security certificate (SSL error 61)

Both the problem and the solution is the same as before, only the name and the path is different. The path depends on whether you installed the client/receiver as a normal user, or root, also known as the superuser.

I’ve used Ubuntu 11.04 here, but I reckon it’ll work on any Linux distribution.

The problem is this; When you install the Citrix Receiver, it will only install a handful of certificate files, and we’ll have to provide the rest. Now, where can we find a reliable source of SSL certificates? Well, it turns out that we most likely have that already. The same source our browser is using.

 /usr/share/ca-certificates/mozilla/

Just copy those .crt files over to the Citrix keystore, and we should be done. If the client is installed under /opt/Citrix/ICAClient/, run this command in a terminal:

sudo cp /usr/share/ca-certificates/mozilla/* \
/opt/Citrix/ICAClient/keystore/cacerts/

If it’s installed in your home directory, this command should work:

cp /usr/share/ca-certificates/mozilla/* \
$HOME/ICAClient/linuxx86/keystore/cacerts/

If you are using a home made certificate, or for some reason this doesn’t work for you, you’ll have to track down the correct .crt files yourself. But at least now you’ll know where to place them.

Citrix XenServer Available for Free

Several news sites reports today that Citrix is going to make XenServer available free, which is based upon the open source Xen hypervisor. Last year VMware released their own hypervisor, ESXi, for free.

Apparantly the big money isn’t in the hypervisor anymore, but the technology to manage them. Giving away your product is the best way to get more customers.

Citrix says their hypervisor, XenServer, has a couple of features not available throught VMwares ESXi, at least not without opening your wallet. For instance, ESXi is a 32-bit bare-metal hypervisor, whereas XenServer is a 64-bit bear-metal hypervisor. XenServer can also handle up to 8 virtual CPUs, while ESXi only handles 4.

Citrix has released a list of features included at no costs on their site.

Problems with Citrix Client on Linux?

Updated October 12th, 2011.

Everytime I install the Linux Citrix Client it seems like I run into problems with SSL-Certificates. The message usually sounds like this:

You have not chosen to trust “Thawte Server CA”, the issuer of the server’s security cerfiticate (SSL error 61).

You might have another company listet as issuer on your server.
Anyway, let’s fix it.

Run the following command as a superuser, also known as root:

cp /usr/share/ca-certificates/mozilla/* /usr/lib/ICAClient/keystore/cacerts/

That’s it!

Updated: The new client, version 12.0, also called Citrix Receiver, is by default installed under /opt/Citrix/ICAClient/. So then the command will be:

sudo /user/share/ca-certificates/mozilla/* /opt/Client/ICAClient/keystore/cacerts/

This assumes that the ICA Client is installed in the default directory. Also you need to have Mozilla Firefox a package called ca-certificates installed since we are using its certificats.

If you have installed the client as a normal user, the keystore will most likely be placed under $HOME/ICAClient/linuxx86/keystore/cacerts/, note that the double x in linuxx86 is not a typo.

Please leave a comment if you found this useful.