Citrix receiver os x you have chosen not to trust
![citrix receiver os x you have chosen not to trust citrix receiver os x you have chosen not to trust](https://geektechstuff.files.wordpress.com/2018/05/citrix_8.png)
- #Citrix receiver os x you have chosen not to trust for mac#
- #Citrix receiver os x you have chosen not to trust install#
- #Citrix receiver os x you have chosen not to trust password#
- #Citrix receiver os x you have chosen not to trust windows#
(The command line to do such an install is: CitrixReceiver.exe /includeSSON).
#Citrix receiver os x you have chosen not to trust windows#
pass on Windows credentials) and if that’s not the case users will not be able to launch any app or desktop. Citrix Receiver needs to be explicitly installed with the ability to do Single Sign-On (i.e. But when the user clicks on something, it is the Citrix Receiver that comes into play and needs to pass on the credentials to the concerned XenApp or XenDesktop server. The Storefront server is happy, gives the users a list of apps and desktops assigned to them, etc. The problem with this is that these Windows credentials are passed on to the Storefront server. Instead they get an option to login with the Windows credentials.
#Citrix receiver os x you have chosen not to trust password#
When this is enabled and users visit the Storefront page, they don’t get the usual username password prompt. This is because you probably have “Domain pass-through” authentication enabled on your Store and/ or the Receiver for Websites (note the latter: easy to miss out).
![citrix receiver os x you have chosen not to trust citrix receiver os x you have chosen not to trust](https://alexisfraser.com/pictures/300315.jpg)
The Citrix servers do not trust the server.Only the first two from your list are necessary.If you are able to login to your Citrix Storefront and get a list of application, but when launching something you get an error –Īnd checking the “Citrix Delivery Services” logs on your Storefront gives errors such as these – It should not be sending those two certificates. What this all boils down to is that the server configuration (I believe it to be a NetScaler device) is incorrect. Apple has specifically removed it because it's a weak certificate. It's complaining because that root certificate doesn't exist in your Keychain. Class 3 Public Primary Certification Authority corresponds to the cert that Receiver is complaining about. Class 3 Public Primary Certification Authority VeriSign Class 3 Public Primary Certification Authority - G5 (This is different than the root certificate in your list).These include the first two in your list above, but also two more: Based on your server, fsacitrixweb.ed.gov, I can see that it is in fact returning a certificate chain that includes 4 certificates. This change is covered in the "Joint Server Certificate Validation Policy" documentation here.
#Citrix receiver os x you have chosen not to trust for mac#
Receiver for Mac 12.5 introduced stricter TLS certificate chain verification. Of course, I already tried calling my office's IT group, but they very politely told me that there was absolutely nothing that they could do to help me and that I'm on my own.Ī log file with the error is attached. I'm at a loss as to what I should do next. Citrix works fine for me if I connect through the iOS app or through the Chrome Citrix App (from the same Mac that I'm having difficulty with).Nobody else is having this problem at work with Citrix Receiver for Mac (even with the same base configuration as me).This also didn't work in Safari or Chrome. This didn't work in Safari or Chrome, so I renamed them as *.crt files. /HDD/User/Library/Application Support/Citrix Receiver/keystore/cacerts./HDD/User/Library/Application Support/Citrix/keystore/cacerts.So, I exported both the intermediate and root certificates and placed them (as *.cer files) in the following locations: I tried to connect in Chrome (I typically use Safari), it didn't work either. I already had the root certificate in my keychain, but it was set to default trust values, so I marked it as trusted for all purposes. I did not have the intermediate certificate in my keychain, so I grabbed it and added it without issue. VeriSign Class 3 Public Primary Certification Authority - G5 (root certificate).Symantec Class 3 Secure Server CA - G4 (intermediate certificate).However, when I trace the chain of SSL certificates, at the URL where I connect to Citrix, I get the following chain, which contains a similarly named root certificate, but one that doesn't exactly match the error that I've been getting: "/C=US/ST=/L=/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority/CN=" In particular, the certificate that I have apparently chosen not to trust is this one:
![citrix receiver os x you have chosen not to trust citrix receiver os x you have chosen not to trust](https://support.citrix.com/files/public/support/article/CTX101990/images/0EM60000000UJas.jpeg)
I'm running the latest version of macOS Sierra and the latest version of Citrix Receive for Mac. After connecting to my office's Citrix environment for years via Citrix Receiver for Mac without issue, I have (apparently) randomly begun to get the "SSL 61 Error", where Citrix complains that I have chosen not to trust the issue of the server's security certificate.