Citrix on Mac. receiving error 7 when attempting to connect to metaframe

I have a user who is receiving "A local security certificate could not be loaded (error code 7)" when attempting to connect to a citrix session.

They have the client installed.. and are using OSX.

Have tried with Safari and FireFox - same issue.. details of error below..
A local security certificate could not be loaded. (error code: 7)
                at com.citrix.sdk.security.ssl.ConnectionModel.addCACertificate(ConnectionModel.java)
                at sun.reflect.GeneratedMethodAccessor12.invoke(Unknown Source)
                at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
                at java.lang.reflect.Method.invoke(Method.java:585)
                at com.citrix.client.io.net.ip.m.h(Unknown Source)
                at com.citrix.client.io.net.ip.proxy.i.<init>(Unknown Source)
                at com.citrix.client.io.net.ip.g.a(Unknown Source)
                at com.citrix.client.io.net.ip.o.a(Unknown Source)
                at com.citrix.client.module.td.tcp.TCPTransportDriver.t(Unknown Source)
                at com.citrix.client.module.td.TransportDriver.run(Unknown Source)
                at java.lang.Thread.run(Thread.java:613)
Caused by: The SSL cryptography library failed.  The security certificate "AOL Time Warner Root Certification Authority 2" has a public key of length greater than 2048 bit.
                at com.citrix.sdk.security.certificate.X509CertificateLoader.loadCertificates(X509CertificateLoader.java)
                at com.citrix.sdk.security.ssl.ConnectionModel.addCACertificate(ConnectionModel.java)
                at sun.reflect.GeneratedMethodAccessor12.invoke(Unknown Source)
                at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
                at java.lang.reflect.Method.invoke(Method.java:585)
                at com.citrix.client.io.net.ip.m.h(Unknown Source)
                at com.citrix.client.io.net.ip.proxy.i.<init>(Unknown Source)
                at com.citrix.client.io.net.ip.g.a(Unknown Source)
                at com.citrix.client.io.net.ip.o.a(Unknown Source)
                at com.citrix.client.module.td.tcp.TCPTransportDriver.t(Unknown Source)
                at com.citrix.client.module.td.TransportDriver.run(Unknown Source)
                at java.lang.Thread.run(Thread.java:613)
Caused by: java.lang.IllegalStateException: C=US, O=AOL Time Warner Inc., OU=America Online Inc., CN=AOL Time Warner Root Certification Authority 2
                at com.certicom.b.a.a.a.v.d(v.java)
                at com.certicom.b.a.a.a.v.b(v.java)
                at com.certicom.b.a.a.a.v.<init>(v.java)
                at com.certicom.b.a.a.a.t.a(t.java)
                at com.certicom.b.a.a.a.t.a(t.java)
                at com.citrix.sdk.security.certificate.X509CertificateLoader.loadCertificates(X509CertificateLoader.java)
                at com.citrix.sdk.security.ssl.ConnectionModel.addCACertificate(ConnectionModel.java)
                at sun.reflect.GeneratedMethodAccessor12.invoke(Unknown Source)
                at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
                at java.lang.reflect.Method.invoke(Method.java:585)
                at com.citrix.client.io.net.ip.m.h(Unknown Source)
                at com.citrix.client.io.net.ip.proxy.i.<init>(Unknown Source)
                at com.citrix.client.io.net.ip.g.a(Unknown Source)
                at com.citrix.client.io.net.ip.o.a(Unknown Source)
                at com.citrix.client.module.td.tcp.TCPTransportDriver.t(Unknown Source)
                at com.citrix.client.module.td.TransportDriver.run(Unknown Source)
                at java.lang.Thread.run(Thread.java:613)

Open in new window

AndrewtowAsked:
Who is Participating?
 
ParanormasticCryptographic EngineerCommented:
See line 13:
Caused by: The SSL cryptography library failed.  The security certificate "AOL Time Warner Root Certification Authority 2" has a public key of length greater than 2048 bit.

Fix: Use the mac ICA client instead of Java client.  You may need additional configuration to support the mac ica client, here's the info on that:
http://support.citrix.com/article/CTX104367
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.