Fix Your Linux SSL Error 61

Posted on

What is SSL error 61? For us to know when and why it happened. Let us first clarify what errors so that you can be sure that this is the tutorial for you.

Mistakes that we discuss in this article may have different text, so the best way for you to know if this tutorial article is suitable for you to know or not is to check if the error you faced has one of the following messages :

The most common is the “Certificate Server not receiving trustworthy (SSL error 61)”, but it could be others like, or the following, again the message “Your application is not available Please try again later ..” Can not connect Citrix server XenApp SSL error. 61: You did not trust any ‘Certificate Authority’, the issuer of the certificate to the security server “.

If you press these annoying errors that seem common, this means the endpoint of your Citrix (which you connect to Citrix clients) to a certificate that is not trustworthy to customers. Customers do not believe it possible for Citrix to contain a set of new root certificates or completely enough with its clients.

How to fix this problem is to make the client a number of existing root certificate, and I find the easiest way to accomplish this is to get the certificate from Mozilla Firefox with a symbolic link. In this way, when the certificate is renewed, Citrix customers will continue to appoint.

In this manual, reposted by many years ago, so details are likely to be updated and updated. I’ve booked it again because there are so many links to these guidelines is still getting traffic so the problem still needs a lot of people to take care of.

My quick fix (a backup copy of everything you get the first from) is simple dir ICA in Citrix client mozilla a redirection and I immediately started to work:

  • sudo mv /opt/Citrix/ICAClient/keystore/cacerts /opt/Citrix/ICAClient/keystore/cacerts_old
  • sudo cp /opt/Citrix/ICAClient/keystore/cacerts_old/* /usr/share/ca-certificates/mozilla/
  • sudo ln -s /usr/share/ca-certificates/mozilla /opt/Citrix/ICAClient/keystore/cacerts

Some caution is that there may be a different location for installing the Citrix client, and also the location of worms depending on the distribution / version of Linux and Citrix Installer version.

ICA clients can be installed in one of these locations, depending on the method and installation version:

  • /opt/ICAClient/
  • /usr/lib/ICAClient/
  • /home/XXX/ICAClient/linuxx86/

And therefore the commands Citrix owners will be installed in the key store / cacerts / where location over the Citrix client.

Mozilla CACERTS should be placed in the following locations, but vary per distribution:

  • Directory/usr/share/ca-certificate/mozilla/

I still examine the following error code, if someone wants to help:

  • SSL error 26
  • SSL error 47

The place where you really need to check the value of this key usage is known as an advanced key-use field. Incompatibility nothing to do with the SGC (this abbreviation stands for server gated cryptography).

If this is the case, there are no quick fixes to anyone who will turn your certificate and apply for a new one.

We suggest, but you do not do this until you have run out of two possible solutions that we have gone through before. Just fix no problem if you continue the conclusion of this last.


We are aware that this can be a hassle because you have to wait until you get a new certificate. Once you receive a new certificate, you should check, verify it is true that the use of a primary key on the new certificate has the correct authentication server.┬áThank you for reading this article until the last paragraph, if this article useful you can share to social media Google+, Facebook and others. thanks. – John Sadino –

Leave a Reply

Your email address will not be published. Required fields are marked *