- Verisign Class 3 Public Primary Certification Authority G5 Download Data
- Verisign Class 3 Public Primary Certification Authority G5 Download Pictures
- Verisign Class 3 Public Primary Certification Authority G5 Download Mode
- Verisign Class 3 Public Primary Certification Authority G5 Download Pictures
- Verisign Class 3 Public Primary Certification Authority G5 Download Mode
I am getting this error when attempting to load a Desktop module up within Citrix Receiver:
I am getting a client error in Firefox: You have not chosen to trust 'VeriSign Class 3 Public Primary Certification Authority - G5', the issuer of the server's. Click Browse to navigate to VeriSign Class 3 Public Primary Certification Authority – G5.cer. Double-click this file, and then click Next. You can find this certificate in the extracted roots.zip file in the folder VeriSign Root Certificates Generation 5 (G5) PCA.
What I don't understand is I can see this particular certificate is set to 'Trust..' under any/all circumstances that I can find. This only happens in Ubuntu, and I did not installed any certificates (manually) on either partition when trying to correct the issue. The browser also appears to be irrelevant (Chrome/Firefox both generate the same error). Forgive my ignorance on certificates, but this seems to be beyond my expertise.
There are a few places I've looked through various search engines, and I found other users who have had similar issues with certificates in the Linux Citrix Receiver, but I'm not sure what's wrong with this certificate, as none of the other suggestions I've tried have worked so far, and they're too numerous to go into detail... so I'd like to take it from here and see what you all can offer up.
5 Answers
To prevent the SSL error 61 when accessing remote sessions:
Make Firefox's certificates accessible to Citrix,
Source: Citrix help page
Newer versions of the receiver require you to convert the , place the crt in a specific directory, and run a citrix utility.CRT
file to PEM
If your installation is in /opt/Citrix/ICAClient
and assuming the signing root certificate or CA is an existing one in ca-certificates:
- Get to the certificates directory:
2. Convert the desired CRT
to PEM
:
3. Link it to the Citrix directory and rehash:
If the CA is not a known and trusted one present in the /usr/share/ca-certificates/mozilla
directory mentioned above:
Download it using your browser's security info on the site
Convert it toMove it, and rehash: Step 3 above.PEM
Left the crossed out text for anyone needing those instructions for whatever reason but I recently tested just moving the CRT to the directory and the rehash utility will convert as needed.
Verisign Class 3 Public Primary Certification Authority G5 Download Data
some users (like me) might find that even after linking Firefox to the cacerts folder the error persists.
That appears to be because Citrix does not supply all of the latest certificates.
The solution appears to be to note the certificate said to be 'not trusted' (eg 'Verisign Class 3 Public Primary Certification Authority - G5') then export it from Firefox (under the Preferences menu then Certificates) to */ICAClient/keystore/cacerts.
Worked for me. Hope this helps.
I've the same error, but with a certificates trusted by my FireFox. So after copy the root ca certificate and converted these in crt files, the ICA client run without problem.Hope this info will be useful
Verisign Class 3 Public Primary Certification Authority G5 Download Pictures
Verisign Class 3 Public Primary Certification Authority G5 Download Mode
I had the same issue and solved it this way:
- Get to the certificates directory:
2. Convert the desired CRT
to PEM
:
3. Link it to the Citrix directory and rehash:
If the CA is not a known and trusted one present in the /usr/share/ca-certificates/mozilla
directory mentioned above:
Download it using your browser's security info on the site
Convert it toMove it, and rehash: Step 3 above.PEM
Left the crossed out text for anyone needing those instructions for whatever reason but I recently tested just moving the CRT to the directory and the rehash utility will convert as needed.
Verisign Class 3 Public Primary Certification Authority G5 Download Data
some users (like me) might find that even after linking Firefox to the cacerts folder the error persists.
That appears to be because Citrix does not supply all of the latest certificates.
The solution appears to be to note the certificate said to be 'not trusted' (eg 'Verisign Class 3 Public Primary Certification Authority - G5') then export it from Firefox (under the Preferences menu then Certificates) to */ICAClient/keystore/cacerts.
Worked for me. Hope this helps.
I've the same error, but with a certificates trusted by my FireFox. So after copy the root ca certificate and converted these in crt files, the ICA client run without problem.Hope this info will be useful
Verisign Class 3 Public Primary Certification Authority G5 Download Pictures
Verisign Class 3 Public Primary Certification Authority G5 Download Mode
I had the same issue and solved it this way:
Verisign Class 3 Public Primary Certification Authority G5 Download Pictures
- Place certificate to be trusted in
/usr/local/share/ca-certificates
- Execute
sudo update-ca-certificates
You should see something line this:1 added, 0 removed; done.Running hooks in /etc/ca-certificates/update.d....Adding debian:SymantecClass3SecureServerCA-G4.pem
- Use Google Chrome instead of Firefox