When a user attempts to connect to an application within Citrix, after
they have logged into the Citrix portal, they receive an error that
says, "Error SSL 61: You have chosen not to trust "QuoVadis Global SSL
ICA", the issuer of the servers security certificate."
This error message appears because the QuoVadis Global SSL ICA
certificate has not been installed on the in the intermediate
certification authority store on each XenApp Server (formally known as
the Citrix Presentation Server). Below are the are steps that you will
need to follow in on each XenApp Server in your Citrix environment that
offers an application in the portal.
Installing the QuoVadis Global SSL ICA
These steps must be done on each XenApp Server. This also assumes that
your XenApp Servers are running in a Microsoft Windows Environment.
First you must open the Microsoft Management Console.
- Click on Start and then Run.
- In the Run window, type MMC in the Open: field and click
The Console1 window will appear.
- Click on File at the top and then select Add/Remove
Snap-in... Alternatively, you can press Ctrl + M.
- In the new window, click on the Add... button at the
bottom. This will open a third window.
- Scroll down in the Add Standalone Snap-in window and find
the Certificates component. Once found, highlight it and click
on the Add button at the bottom. Alternatively, you can double-click
In a new window, you will be given 3 options for which account you
want the certificates snap-in to manage.
- Select the Computer account radio button and click on the
- At the next screen, click on the Finish button.
- Back in the Add Standalone Snap-in window, click on the Close
- Click on the OK button in the Add/Remove Snap-in
You should be back in the Console1 window. You will see that
the Certificates (Local Computer) has been added on the left
- Click on the "+" sign next to Certificates (Local Computer)
to expand it.
- Locate and expand the Intermediate Certification Authorities
store and then click on the Certificates folder underneath it.
In the right hand pane, you should see a list of certificates.
Verify that you have the QuoVadis
Global SSL ICA certificate in this list of certificate in the
right hand pane. If
you do not have this certificate installed, then the next steps will guide you through the process of
- Place the certificate in a directory where they can be
accessed by the server.
- Right-click on the Certificates folder underneath the Intermediate
Certification Authorities folder and in the drop-down menu, select All
Tasks and then click on Import.
- The Certificate Import Wizard will appear. At the welcome
screen, click on the Next button.
- You must specify the file to import. Click on the Browse...
button and find and select the QuoVadis Global SSL ICA
certificate. Once selected, it should appear in the File name:
field. Click on the Next button.
- On the next screen, the option for Place all certificates in
the following store should be selected by default and in the Certificate
store: field should be Intermediate Certification Authorities.
Click on the Next button.
- At the summary screen, click on the Finish button.
You should get a message that reads, "The import was successful."
Have the user retest connecting to the application in the Citrix
portal. The error should not appear. If it still does, then verify the
application they are trying to connect to and ensure that these steps
are taken for that particular XenApp Server.