For Umoja users: If you have any issues logging in through Citrix and/or have this dialog Citrix Receiver: You have not chosen to trust “COMODO High-Assurance Secure Server CA”, the issuer of the server’s certificate error come up.
This note is for users who are using Apple / MAC products to login to Umoja. This note is to make sure you have the steps to install necessary components for your Citrix connection to work.
1. Installation of the Citrix receiver
2. Downloading the necessary certificates and
3. Installing the certificated in apple keychain.
Installation of the receiver
Go to citrix download site (http://www.citrix.com/go/receiver.html) and your computer will automatically detect the appropriate receiver for you. If not choose the receiver 12.1 for mac

Once the dmg file is downloaded follow the normal instruction to install the Citrix receiver onto your computer. Once it is complete, you will have this icon in your applications stalk.

If you try to access the citrix without proper certificates installed you will get an error like this:

Both Safari / Chrome didn’t complain about the trust. This most likely has to do with the way the certificates are chained. Where the browsers “see” the entire chain (AddTrust External CA Root “COMODO High-Assurance Secure Server CA “; ) the Citrix Receiver only sees the server certificates and expects the signing certificate in the keychain.
Downloading the certificates:
First we need to get our hands on the certificate of the signing party (in this case the COMODO certificate). One way of retrieving the root / intermediate certificate is by downloading it from the signing part, COMODO provides a download portal containing all their root / intermediate certificates
Go the url: https://support.comodo.com/index.php?/Default/Knowledgebase/List/Index/71 and click on the two certificate links as marked and download them. The download link is available after you click this URL and scroll through the bottom of that page

Save the two certificates in an easily accessible folder for the next step
Installation of the certificates
Now you’ve got the certificate file you can import it in the Keychain. Just like installing any other application, once you know how it’s done it’s easier than brushing your teeth. Go to the folder you had downloaded the certificates and double click on the certificate file. This will open the Add Certificates dialog where you can select the Keychain (login), all you then have to do is click on Add.

Once it is done, you need to make sure the certificates are marked as trusted certificates. To do that you need to click on View Certificates. If you had forgotten to click, open Keychain from Launchpad.

Select one of the COMODO certificate that was installed before (double click)

Open the Trust section and make sure the option ‘Always Trust’ is selected against the first option ‘When using the certificate’. You can access Umoja without any issues after this.

Thanks to our colleague Siva who originally published this on his blog.
Leave a Reply