Citrix SSL Error 61 – “GlobalSign Root CA”

After a long period of not having issues with Citrix, this old chestnut popped up again.

You have not chosen to trust “GlobalSign Root CA”, the issuer of the server;s security certificate (SSL error 61)

ca01

I checked back and we had this one before way back in 2012. The problem is that the cert is not in the plugin directory that wfica uses. So the solution is to get it and put it in the correct place.

At the time Firefox had removed the option to export certificates but fortunately it has bee restored.

Firefox F10 > Edit > Preferences > Advanced > Certificates > View Certificates

Scroll down and click on “GlobalSign Root CA” (under GlobalSign nv-sa), and then press Export.

ca02

Save it somewhere.

ca03

Then copy it into the correct directory.

sudo cp ~/tmp/cert/GlobalSignRootCA.crt /opt/Citrix/ICAClient/keystore/cacerts/

This entry was posted in citrix. Bookmark the permalink.

One Response to Citrix SSL Error 61 – “GlobalSign Root CA”

  1. Spike Robinson says:

    Thanks very much for this fix. I had this immediately after downloading a new installation of Citrix Receiver via our company’s NetScaler.

Leave a Reply

Your email address will not be published.