Installing the Citrix Workspace (formerly Receiver) on a Linux machine should be simple. After all, installing it on a Chromebook worked just fine (after enabling High DPI since my Chromebook has such a display).
But on Linux all I got was: You have not chosen to trust “Entrust Root Certification Authority – G2”, the issuer of the server’s security certificate.
Well, I was not aware of it and Chrome itself as well as Firefox had no issues with https://validg2.entrust.net/
So what’s throwing that error message?
Seems it’s the Citrix Workspace application itself which uses its own certificate store and it needs some more certificates (see https://support.citrix.com/article/CTX231524):
- Get the missing Entrust G2 root certificate from here
- Copy it to /opt/Citrix/ICAClient/keystore/cacerts/ (this is where the Debian package installed into)
- Rehash the certificates
Et voilà: it works. See also this entry in the Citrix forum. Different root certificate, but same problem.
Seems the Citrix Workspace app has its own certificate store. Why is beyond me as the system usually has a certificate store already. Why not use that one?
Note: The need for the Entrust certificate seems to be because the point to what I connect to uses a certificate signed by Entrust. Thus not everyone will need this particular root certificate. But whichever you need, it needs to be in /opt/Citrix/ICAClient/keystore/cacerts/