Posted by: Niko | January 23, 2007

Citrix ICAClient on Linux

Citrix ICAClient in Linux didn’t work out-of-the-box at my Ubuntu. I logged in to the MetaFrame Web Interface and tried to start an application but I got an error “You have not chosen to trust Thawte Premium Server CA, the issuer of the server’s security certificate.

After some googling I found out that I actually have to copy Thawte’s root certificates to the /usr/lib/ICAClient/keystore/cacerts directory (in my case web server’s certificate was issued by Thawte). After the copy I also had to make a symbolic link because ICAClient seems to read only .crt files from the cacerts directory.

Here is the complete procedure:

1. Download Citrix ICAClient for Linux from

2. Extract the tar-package, run setupwfc installation script and follow the on screen instructions.

4. Download your certificate issuer’s root certificates. Thawte’s could be found at

5. Copy the correct .cer file to the /usr/lib/ICAClient/keystore/cacerts (in my case the right root certificate was ThawtePremiumServerCA.cer)

cd /usr/lib/ICAClient/keystore/cacerts/

cp path_to_root_certificate/ThawtePremiumServerCA.cer .

6. Create symbolic link in the cacerts directory so a your_root_cert.crt link points to your_root_cert.cer file.

ln -s ThawtePremiumServerCA.cer ThawtePremiumServerCA.crt


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s


%d bloggers like this: