Citrix Access Essentials SSL error 61

Posted on 2008-11-06
Last Modified: 2011-10-19
I have installed a Citrix Access Essentials server 2.0 on Windows Server 2003 SP2
Originally, I setup the external access via HTTPS and using the Microsoft Certificate Authority.
I purchased an SSL certificate from Digicert for my internet web access site (
After setting everything up again and publishing the web interface everything works fine until I try to lunch a published application. I authenticate correctly to the Citrix web interface and my available applications are displayed.
However when I launch an application, i receive the following error:

SSL Error 61: You have not chosen to trust the original Microsoft  CA certificate , the issuer of the servers security certificate.
I removed all traces of the original Microsoft  CA certificate from the Citrix server using the MMC certs console and removed the registry entries related to this cert. However the error still persists.

Has anyone else come across a similar problem and ant suggestions for a solution?

Thanks in advance

Question by:infolan_rebollo
    LVL 9

    Expert Comment

    the issue is because the client machine doesnt trust the root cert.
    import the root cert to your client machine and it will be fine.

    Author Comment

    I forgot to mention the root cert has been imported in all of the client machines, the problem is not about the Cert that is not trusted: The cert that causes the error should not come into the equation as it no longer exists for the Citrix server. I have published the site using the new Digicert Cert however somewhere within the Citrix server it still has a registry of the old Micrsoft CA cert. I want to remove all references to the old Cert, however I cannot find any more references to the cert of the Citrix server.

    In other words the error: "You have not chosen to trust..... certificate" refers to a certifcate which should not exist. If I was to receive an SSL 61 error correctly if should be for the new DigiCert certificate.... more ideas please
    LVL 9

    Expert Comment

    have you rerun the CSG config wizard to point to the new cert?

    Accepted Solution

    yes. I have removed the external access to the CAE server deleted the configuration and rerun the wizard several times, always with the same error!

    Is it possible that the Citrix server is accessing the old Cert via the CA on another server?
    LVL 9

    Expert Comment

    when you first go to the site click on the secure "key" icon.  look at the cert.  is it showing the correct cert, or the incorrect cert?


    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    How to improve team productivity

    Quip adds documents, spreadsheets, and tasklists to your Slack experience
    - Elevate ideas to Quip docs
    - Share Quip docs in Slack
    - Get notified of changes to your docs
    - Available on iOS/Android/Desktop/Web
    - Online/Offline

    Suggested Solutions

    After several days of searching and hunting for limited documentation, I wanted to share this guide to hopefully save someone the hassle of trying to figure this out on their own. I have tested this on Xendesktop 7.1 and PS 4.5 running simultaneous…
    Citrix XenDesktop 7.6 Citrix Policies Audio
    How to install and configure Citrix XenApp 6.5 - Part 1. In this video tutorial we have explained step by step installation of Citrix XenApp 6.5 Server on Windows Server 2008 R2 is explained in this video. We have explained the difference between…
    This video is in connection to the article "The case of a missing mobile phone (". It will help one to understand clearly the steps to track a lost android phone.

    737 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    19 Experts available now in Live!

    Get 1:1 Help Now