Citrix Workspace on Linux

Two minor tweaks to get the Citrix Workspace app working as it should be on Linux.

Certificate errors preventing a connection?
Citrix Workspace (formerly Citrix Receiver) for Linux does not trust too many Root Certificate Authorities by default. This causes certificate errors when you are trying to connect to a server with a certificate from an untrusted CA.

In my case I find the “Staat der Nederlanden Root CA – G3” missing as a trusted CA which leaves me unable to connect to the office Citrix farm. However adding a missing Root CA certificte is quite easy.

First download (for the Staat der Nederlanden Root CA you can look here) or export the root certificate (from your browser) in X.509 (PEM) format. Give the downloaded file the .crt file extension.

Next step is to copy it to the certificate to the Citrix keystore. I’m using the Staat der Nederlanden Root CA as an example.

sudo cp StaatderNederlandenRootCA-G3.crt /opt/Citrix/ICAClient/keystore/cacerts/

Make the file readable for everyone.

sudo chmod 644 /opt/Citrix/ICAClient/keystore/cacerts/StaatderNederlandenRootCA-G3.crt

Use the rehash utility to create symbolic links to the copied certificate named by the hash value.

sudo /opt/Citrix/ICAClient/util/ctx_rehash

That will do it.

No Connection-bar?
You have just upgraded from an older version and you are missing the dropdown menu?

It seems that some configuration files are not updated with new settings on each upgrade. In this case the All_Regions.ini file is missing a setting.

Open $HOME/.ICAClient/All_Regions.ini with your favorite editor.

nano $HOME/.ICAClient/All_Regions.ini

Search for the [Client Engine\GUI] section. There are already a few lines present below this section, just add the following below the other lines.

ConnectionBar=1

Now save the file and quit the editor.

Some useful links:
Citrix Workspace App (CWA) for Linux – Download
Citrix Documentation – Citrix Workspace app for Linux
Citrix Support Article – ICA File Not Launching Automatically
Citrix Support Article – How to trust a CA certificate in Receiver for Linux