Solution

When a user attempts to connect to an application within Citrix, after they have logged into the Citrix portal, they receive an error that says, "Error SSL 61: You have chosen not to trust "QuoVadis Global SSL ICA", the issuer of the servers security certificate."

This error message appears because the QuoVadis Global SSL ICA certificate has not been installed on the in the intermediate certification authority store on each XenApp Server (formally known as the Citrix Presentation Server).  Below are the are steps that you will need to follow in on each XenApp Server in your Citrix environment that offers an application in the portal.

Installing the QuoVadis Global SSL ICA

These steps must be done on each XenApp Server.  This also assumes that your XenApp Servers are running in a Microsoft Windows Environment. 

First you must open the Microsoft Management Console.

1. Click on Start and then Run.


2. In the Run window, type MMC in the Open: field and click on OK.

The Console1 window will appear.


3. Click on File at the top and then select Add/Remove Snap-in...  Alternatively, you can press Ctrl + M.


4. In the new window, click on the Add... button at the bottom.  This will open a third window.


5. Scroll down in the Add Standalone Snap-in window and find the Certificates component.  Once found, highlight it and click on the Add button at the bottom.  Alternatively, you can double-click on Certificates.

In a new window, you will be given 3 options for which account you want the certificates snap-in to manage.


6. Select the Computer account radio button and click on the Next button.


7. At the next screen, click on the Finish button.


8. Back in the Add Standalone Snap-in window, click on the Close button.


9. Click on the OK button in the Add/Remove Snap-in window.

You should be back in the Console1 window.  You will see that the Certificates (Local Computer) has been added on the left hand pane.


10. Click on the "+" sign next to Certificates (Local Computer) to expand it.


11. Locate and expand the Intermediate Certification Authorities store and then click on the Certificates folder underneath it.

In the right hand pane, you should see a list of certificates.  Verify that you have the QuoVadis Global SSL ICA certificate in this list of certificate in the right hand pane.  If you do not have this certificate installed, then the next steps will guide you through the process of installing it.


12. Place the certificate in a directory where they can be accessed by the server.


13. Right-click on the Certificates folder underneath the Intermediate Certification Authorities folder and in the drop-down menu, select All Tasks and then click on Import.


14. The Certificate Import Wizard will appear.  At the welcome screen, click on the Next button.


15. You must specify the file to import.  Click on the Browse... button and find and select the QuoVadis Global SSL ICA certificate.  Once selected, it should appear in the File name: field.  Click on the Next button.


16. On the next screen, the option for Place all certificates in the following store should be selected by default and in the Certificate store: field should be Intermediate Certification Authorities.  Click on the Next button.


17. At the summary screen, click on the Finish button.

You should get a message that reads, "The import was successful."

Have the user retest connecting to the application in the Citrix portal.  The error should not appear.  If it still does, then verify the application they are trying to connect to and ensure that these steps are taken for that particular XenApp Server.