SSL Error 86: "The security certificate 'abc.domain.com' could not be validated" on Citrix Secure Gateway

SSL Error 86: "The security certificate 'abc.domain.com' could not be validated" on Citrix Secure Gateway

book

Article ID: CTX130048

calendar_today

Updated On:

Description

When launching an application through Citrix Secure Gateway, the following SSL error is displayed:
Unable to launch your application. Contact your help desk with the following information: Cannot connect to the Citrix XenApp server.
SSL Error 86: The security certificate 'abc.domain.com' could not be validated. (SSL provider code: unable to get local issuer certificate)

User-added image

Environment

Citrix is not responsible for and does not endorse or accept any responsibility for the contents or your use of these third party Web sites. Citrix is providing these links to you only as a convenience, and the inclusion of any link does not imply endorsement by Citrix of the linked Web site. It is your responsibility to take precautions to ensure that whatever Web site you use is free of viruses or other harmful items.

Resolution

Important! This article is intended for use by System Administrators. If you are experiencing this issue and you are not a System Administrator, contact your organization’s Help Desk for assistance and refer them to this article.

To resolve the preceding error, complete the following procedure:

  1. On the website displaying the error, click Certificate Error, and select View Certificates.

    User-added image

  1. Click the Certification Path tab, and verify that the certificates listed in the Certification Path section does not display a red cross.

    User-added image

  1. If a red cross is displayed, then add the certificate from the untrusted source to the local computer.

    User-added image

  1. To add the certificate, click the certificate with the red cross and select View Certificate.

  2. Select the Details tab and select Copy to File.

    User-added image

  1. Follow the onscreen instructions and create a file with .cer extension.

  2. Navigate to the file created and double-click the file.

  3. Select Install Certificate.

  4. Select the Place all certificates in the following store option.

    User-added image

  1. Select Show physical store and expand the Trusted Root Certification Authorities folder.

    User-added image

  1. Select Local Computer and click OK.

    User-added image

  1. Click Next and then click Finish to complete importing the certificate.

  2. Verify that no red cross is displayed in the certification path.

  3. Close Internet Explorer and restart the application.

Problem Cause

This error might occur if the SSL Certificate in the certification path is not valid.

All certificates in the certification path must be valid and from a trusted source when connecting to Citrix XenApp Server through a Citrix Secure Gateway by using an SSL connection.

Issue/Introduction

This article explains how to address SSL error 86 when connecting to Citrix XenApp Server through Citrix Secure Gateway.

Additional Information

CTX114146 - How to Install an Intermediate Certificate on NetScaler Gateway

CTX101990 - Error: "The server certificate received is not trusted (SSL Error 61)" for Receiver Users

Chain Certificates

OS X Yosemite: If your certificate isn’t being accepted

Powered by Wolken Software