# Citrix Ssl Error 183 Safari



## sharondrums (Oct 14, 2005)

Hello, I am having trouble connecting to my employer's citrix system. I have an nfuse connection and until recently it was working really well. I have been told that citrix has been updated, downloaded what I was told to download from geotrust and added it to my keychain, it still isn't working! I am completely out of my depth with all this and wonder if anyone can explain to me what to do in a very straightforward way?
Yours eternally grateful (in advance!)
Sharon Brown


----------



## sdaviss (Dec 13, 2005)

I'm having the same problem (Firefox1.5b, OSX 10.4.3, Citrix OSX client 7/05 date download)... Error number 183... certificate not trusted...
How do I let Firefox know to accept the certificate?  Is it some other thing? 
Ideas?  [newb here, but I couldn't Search as it is down]


----------



## theamazingdylan (Feb 13, 2006)

On the client, the server certificate needs to be installed into the cacerts directory for Citrix to see it.  Open up Finder, then Open the Applications folder. In Applications you should have a Citrix ICA Client folder.  In that folder is a Keystore folder, and inside that is a cacerts folder.  Copy the server certificate that was given to you into that folder and you should be all set.  Depending on the version of Citrix that is being run on the server, you may need to contact your administrator and tell them that they need to edit their configuration in order to make the client work correctly with safari, because the new version by default attempts to open using a java applet inside of a safari window.


----------



## sdaviss (Feb 14, 2006)

Dylan,
Thanks for the tip.  However, I'm not so sure about that "server certificate that was given to you" bit.  Would that be a cert that was downloaded and placed elsewhere?  Here are the certs that are now in the cacerts folder:
BTCTRoot.crt
Class3PCA_G2_v2.crt
Class4PCA_G2_v2.crt
GTECTGlobalRoot.crt
GTECTRoot.crt
Pcs3ss_v4.crt
SecureServer.crt

Thanks.  If I can get this working, then you are truly "amazing".


----------



## theamazingdylan (Feb 14, 2006)

For Mac OS clients, you should have been given a certificate to install on your computer.  Depending on the setup of the Citrix system, there may even be more than one certificate to install.

If you get the error when you first log into the Citrix web login, then the first problem is that you need to tell your computer's web browsers to trust the certificate, meaning it probably needs to be added to your system keychain.  To do this, you double-click the certificate file which should open up the keychain manager.  Select the System keychain from the dropdown and hit OK.  

If you get the error after clicking on an application after logging in, then you need to tell Citrix to trust the certificate which is what the instructions I put in my last post are for.  I wish I could tell you if any of the certificates in your cacerts folder were the right one, but unfortunately, the name of the file doesn't really mean anything.

If you do not have this certificate(s), you should contact your company's support people and tell them that you need the SSL certificate or certificates used for the Citrix Web Interface and Citrix Secure Gateway.


----------



## Jimmymac (Nov 24, 2007)

Dylan

Thank you so much for your help in enabling me to access my work via citrix. I have spent the last few weeks in futile email conversations with the tech guys at work who led me down dark alleys and ended up saying they cannot provide support for macs. The citrix site was not much help as that only told me to add the relevant certificate to my X509 keychain which I had already done. 

Yours in eternal gratitude

Jimmy Mac


----------



## rodrigomac (Nov 16, 2009)

Hello Dylan. Thanks for the tip. I`d like to tell you that I have the same problem, but in my applications I haven`t any folder with the name citrixICA, I searched everywhere and no success. do you know if something is missing in the installation? I get the error after logging, during tha launching of the application. Thanks a lot for your words.

Rodrigo.


----------



## savagehuman (May 31, 2012)

Thanks Dylan!  Originally, I had trusted the cert from the Citrix site, which added it to my login keychain.  I copied it to the system keychain, but still no dice.  Frustration ensued.  Your advice solved it.  When I opened up the Citrix folder, there was no Keystore folder, so I created it, created a cacerts subdirectory, and exported the certificate from my keychain into the folder.  Bingo.  Thanks again!


----------

