CWA for Android: Fail to Launch Apps and Desktops
Article ID: CTX292676
Updated On:
Description
Applications are enumerated correct, But when you try launch Apps it fails to connect.
Error logged during launch is "javax.net.ssl.SSLPeerUnverifiedException: Check that all CAs are compliant and are installed properly"
Full trace
=======
"2021-01-20T06:57:18.559+0530","TCPSocketFactory","INFO ( 4)","All connection attempts failed using UDT",14831,14947,Workspace, , ,0
"2021-01-20T06:57:18.560+0530","TCPSocketFactory","INFO ( 4)","Creating initial full ProxyChain for TCP",14831,14947,Workspace, , ,0
"2021-01-20T06:57:18.571+0530","FindProxy","WARNING ( 3)","[===> Trying to load cck.so!",14831,14947,Workspace, , ,0
"2021-01-20T06:57:18.574+0530","TCPSocketFactory","INFO ( 4)","Creating CGPProxy (nextHost = xxx.xxx.xxx:2598)",14831,14947,Workspace, , ,0
"2021-01-20T06:57:18.668+0530","TCPSocketFactory","DEBUG1 ( 6)","Connecting proxy com.citrix.client.io.net.ip.proxy.g@792dc18 to xxxx.xxx.xxx:2598",14831,14947,Workspace, , ,0
"2021-01-20T06:57:18.668+0530","SSLProxy","WARNING ( 3)","[===> Calling connect port=xxx.xxx.xxx with protocol bitmask 0x7",14831,14947,Workspace, , ,0
"2021-01-20T06:57:18.837+0530","SSLProxy","ERROR ( 2)","Error message : javax.net.ssl.SSLPeerUnverifiedException: Check that all CAs are compliant and are installed properly
at com.citrix.cck.jsse.ssl.CitrixSSLSocket.assertCryptoKitResult(CitrixSSLSocket.java:3)
at com.citrix.cck.jsse.ssl.CitrixSSLSocket.startHandshake(CitrixSSLSocket.java:19)
at com.citrix.cck.jsse.ssl.CitrixSSLSocketFactory.createSslSocket(CitrixSSLSocketFactory.java:4)
at com.citrix.cck.jsse.ssl.CitrixSSLSocketFactory.createSslSocket(CitrixSSLSocketFactory.java:1)
at com.citrix.cck.jsse.ssl.CitrixSSLSocketFactory.createSocket(CitrixSSLSocketFactory.java:39)
at com.citrix.client.io.net.ip.proxy.g.a(SSLProxy.java:25)
at com.citrix.client.io.net.ip.TCPSocketFactory.a(TCPSocketFactory.java:35)
at com.citrix.client.io.net.ip.TCPSocketFactory.a(TCPSocketFactory.java:15)
at com.citrix.client.module.td.tcp.TCPTransportDriver.connect(TCPTransportDriver.java:21)
at com.citrix.client.module.td.TransportDriver.run(TransportDriver.java:6)
at java.lang.Thread.run(Thread.java:923)
",14831,14947,Workspace, , ,0
"2021-01-20T06:57:18.838+0530","FeatureFlagManager","INFO ( 4)","Showing feature rfandroid_analytics_ws",14831,14936,Workspace, , ,0
"2021-01-20T06:57:18.838+0530","EuemVirtualDriver","ERROR ( 2)","Exception in Process Command java.io.EOFException",14831,14946,Workspace, , ,0
"2021-01-20T06:57:18.838+0530","EuemVirtualDriver","INFO ( 4)","driverShutdown()",14831,14946,Workspace, , ,0
"2021-01-20T06:57:18.840+0530","TUI","DEBUG1 ( 6)","onDriverShutdown",14831,14831,Workspace, , ,0
"2021-01-20T06:57:18.841+0530","CtxUsb","ERROR ( 2)","Exception in Process Command java.io.EOFException",14831,14945,Workspace, , ,0
"2021-01-20T06:57:18.841+0530","CtxUsb","INFO ( 4)"," Shutting Down USB Virtual Driver....",14831,14945,Workspace, , ,0
"2021-01-20T06:57:18.849+0530","AndroidDialogManager","ERROR ( 2)","java.lang.RuntimeException: javax.net.ssl.SSLPeerUnverifiedException: Check that all CAs are compliant and are installed properly
=========
Resolution
2.) In some cases, the issue occurs since the Gateway do not share Intermediate CA certificate. In this case we need to find the Intermediate certificate from the SSL certificate provider and link it in the Gateway by following https://docs.citrix.com/en-us/citrix-gateway/current-release/install-citrix-gateway/certificate-management-on-citrix-gateway/configure-intermediate-certificate
Problem Cause
The issue happens since CWA for Android cannot verify the Root CA or Intermediate CA certificate used by Gateway URL.One method to check that the certificates are installed and configured correctly would be using SSL checker tool, For eg: https://www.digicert.com/help/. Every SSL provider will have their own SSL checked tool, try to find out the SSL provider of Gateway Certificate and use their SSL checker tool to verify the Certificate online.
Additional Information
