LynxTechPartners
asked on
SSL Error 61
When I attempt to login to Citrix I get the following error message:
"SSL Error 61: You have not chosen to trust "Go Daddy Secure Certification Authority", the issue of the server's security certificate.
The certificate is set to Always Trust within the keychain access. I also tried the following suggestion from another EE member, without success:
1. Download linked .zip file: http://kb.kcsi.ca/attachments/Citrix%20ICA%20Client-GUIDbb100a1a34e7427fa6fa019814afde9c.zip
2. Extract it to /Library/Application Support/Citrix/
Has anyone managed to resolve this issues?
"SSL Error 61: You have not chosen to trust "Go Daddy Secure Certification Authority", the issue of the server's security certificate.
The certificate is set to Always Trust within the keychain access. I also tried the following suggestion from another EE member, without success:
1. Download linked .zip file: http://kb.kcsi.ca/attachments/Citrix%20ICA%20Client-GUIDbb100a1a34e7427fa6fa019814afde9c.zip
2. Extract it to /Library/Application Support/Citrix/
Has anyone managed to resolve this issues?
ASKER
Thanks DaveHowe. Considering I'm using an iMac, it's probably safe to assume that I'm using the JAVA client...
I downloaded the keytool, but am not clear on what to do from here? Any additional guidance would be greatly appreciated. I'm new to the Mac World...
I downloaded the keytool, but am not clear on what to do from here? Any additional guidance would be greatly appreciated. I'm new to the Mac World...
ok, unzip it and run the .sh (or run it direct from the site with the java webstart url)
on the left hand menu, select
[+] Keytool IUI
[+] Import
[+] Keystore's entry
[+] Trusted certificate
[ ] Root CA certificate
Root certificate is the file you want to import
root store leave at default
root store password is 'changeit' (it always is :)
process is fairly simple from there.
on the left hand menu, select
[+] Keytool IUI
[+] Import
[+] Keystore's entry
[+] Trusted certificate
[ ] Root CA certificate
Root certificate is the file you want to import
root store leave at default
root store password is 'changeit' (it always is :)
process is fairly simple from there.
ASKER
DaveHowe, I have attached a screenshot of my Finder. When I try to run the .sh file (i.e., run_ktl.sh) it merely opens a text editor box. Am I missing something?
screenshot.pdf
screenshot.pdf
you might need to right-click it and mark it executable - or use the webstart version (http://yellowcat1.free.fr/jws/ktl/241/on_ktl_main.jnlp )
the .sh contains a java startup command that runs that jarfile.
the .sh contains a java startup command that runs that jarfile.
ASKER
Thanks DaveHowe. I followed your steps. After entering the 'changeit' password and selecting OK I get a KeyTool IUI Warning - File is write-protected: /System/Library/Frameworks /JavaVM.fr amework/Ve rsions/1.6 .0/Home/li b/security /cacerts
Is this common? Any suggestions?
Is this common? Any suggestions?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Wasn't able to get it to work (due to my Mac entry-level know-how), but DaveHowe provided good instructions. Very much appreciated.
However, if you are using the JAVA client from the secure gateway, then java has its own keystore, which you would need to populate; personally, I think installing the full client (usually available as a link from the CSG page) is a better solution, but if you want to update the java keystore, there is a gui tool here:
http://yellowcat1.free.fr/keytool_iui.html
that can do that for you.