We help IT Professionals succeed at work.

Check out our new AWS podcast with Certified Expert, Phil Phillips! Listen to "How to Execute a Seamless AWS Migration" on EE or on your favorite podcast platform. Listen Now

x

Citrix Secure Gateway + Thawte certificate Error 61 Untrusted CA

Telstar-Networks
on
Medium Priority
2,624 Views
Last Modified: 2012-05-07
Running a Citrix PS 4.5 farm and I have a few users who connect via Secure Gateway from outside the network.  Got a call this morning that they were having problems so I took a look.

All of the sudden, on multiple machines (and various browsers) people are able to get to the page, login, get to the published apps, but when they (or I) try to run them, "SSL Error 61: You have not chosen to trust "Thawte Server CA", the issuer of the server's security certificate."

I have users on this everyday, so this has happened over night.  Just to make sure, I checked and there is a trusted CA in the local computer account's folder named "Thawte Server CA."  I downloaded and installed the cert from the secure gateway in a variety of places and no help.

I went to the secure gateway server and into IIS manager.  From there to directory security and view certificate, you can actually export a Thawte Server CA certificate.  Installed that, still the same error.  

Running Secure Gateway Diagnostics comes up green lights across the board.  

Double checked the cert and it is valid until October.

Just to say I did it, the server has also been restarted.

Basically out of ideas here.  Anyone have one?
Comment
Watch Question

Author

Commented:
Update:

I am actually running two CSG servers in two separate locations, both using Thawte certificates.  The backup actually has expired as the client decided not to renew, but I figured just for fun I would try.

Citrix doesn't allow invalid certs to work, but I figured it wouldn't hurt to check it out, so I logged in expecting an error about invalid cert due to expiry date.  Instead, I got the exact same error on the second server as well....

Maybe something going on with Thawte?

Author

Commented:
Second update:

Just to be sure I went to Thawte and re downloaded their root certificates and reinstalled them.  Still the same error.  

Deleted the one there and reinstalled the freshly downloaded copy again.  Still the same error.
Unlock this solution with a free trial preview.
(No credit card required)
Get Preview
Unlock the solution to this question.
Thanks for using Experts Exchange.

Please provide your email to receive a free trial preview!

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.