Updated October 12th, 2011.

Everytime I install the Linux Citrix Client it seems like I run into problems with SSL-Certificates. The message usually sounds like this:

You have not chosen to trust “Thawte Server CA”, the issuer of the server’s security cerfiticate (SSL error 61).

You might have another company listet as issuer on your server.
Anyway, let’s fix it.

Run the following command as a superuser, also known as root:

cp /usr/share/ca-certificates/mozilla/* /usr/lib/ICAClient/keystore/cacerts/

That’s it!

Updated: The new client, version 12.0, also called Citrix Receiver, is by default installed under /opt/Citrix/ICAClient/. So then the command will be:

sudo /user/share/ca-certificates/mozilla/* /opt/Client/ICAClient/keystore/cacerts/

This assumes that the ICA Client is installed in the default directory. Also you need to have Mozilla Firefox a package called ca-certificates installed since we are using its certificats.

If you have installed the client as a normal user, the keystore will most likely be placed under $HOME/ICAClient/linuxx86/keystore/cacerts/, note that the double x in linuxx86 is not a typo.

Please leave a comment if you found this useful.