Please enable JavaScript in your browser to use all the features on this site.
- Firefox For Mac Certificate Not Recognized Updating
- Firefox Certificate Download
- Firefox For Mac Certificate Not Recognized
- Firefox For Mac Certificate Not Recognized Supported
Categories
I just added the certificate in IIS 8 (Windows Server 2012) using letsencrypt-win-simple.V1.9.1. There are no problems in Google Chrome but in Firefox the connection is not trusted. Geotrust SSL Certificate not working on Firefox; Geotrust SSL Certificate not working on Firefox. 10 Sep, 2013 SSL Certificates 0 Comments 0.
(Core :: Security: PSM, defect)
Firefox For Mac Certificate Not Recognized Updating
People
(Reporter: contact, Unassigned)
Firefox Certificate Download
Applicable Products
- NetScaler Gateway
- Receiver for Android
- Receiver for Linux
- Receiver for Mac
- Receiver for Windows
Symptoms or Error
Users may receive the following error when launching an application with Receiver for Windows 4.7, Receiver for Mac 12.5, Receiver for Android 3.12.2, Receiver for Linux 13.6 and newer:
Error: You have not chosen to trust '(CERT INFO)', the issuer of the server's security certificate. Contact your help desk for assistance.
Receiver for Mac
Receiver for Android
Solution
Important! This article is intended for use by System Administrators. If you are experiencing this issue and you are not a System Administrator, contact your organization's Help Desk for assistance and refer them to this article.
This issue may be caused by an out-of-date intermediate certificate installed at NetScaler Gateway. This does not mean that the CA certificates currently being used is expired but the CA has since released newer versions of that certificate.
Verify the certificate bindings at the NetScaler Gateway to resolve this issue.
Firefox For Mac Certificate Not Recognized
To confirm this, visit the NetScaler Gateway website using a web browser, and examine the certificate chain in the web browser. You may wish to cross-check this by repeating with more than one web browser (such as with Google Chrome and Mozilla Firefox). Then, compare all the certificates in the browser's certificate chain with the certificate chain at NetScaler Gateway.
Note: Compare all the serial numbers in the certificates and not just the Subject Name. If there are any mismatches in intermediate certificates, this is a possible cause.
Update NetScaler Gateway with the corresponding intermediate certificates, as they appear in the web browser. You can export the intermediate certificates from the web browser. If you used more than one web browser, it is possible that they yield different certificate chains. If so, use the newer certificate chain.Firefox For Mac Certificate Not Recognized Supported
People
(Reporter: contact, Unassigned)
Firefox Certificate Download
Applicable Products
- NetScaler Gateway
- Receiver for Android
- Receiver for Linux
- Receiver for Mac
- Receiver for Windows
Symptoms or Error
Users may receive the following error when launching an application with Receiver for Windows 4.7, Receiver for Mac 12.5, Receiver for Android 3.12.2, Receiver for Linux 13.6 and newer:
Error: You have not chosen to trust '(CERT INFO)', the issuer of the server's security certificate. Contact your help desk for assistance.
Receiver for Mac
Receiver for Android
Solution
Important! This article is intended for use by System Administrators. If you are experiencing this issue and you are not a System Administrator, contact your organization's Help Desk for assistance and refer them to this article.
This issue may be caused by an out-of-date intermediate certificate installed at NetScaler Gateway. This does not mean that the CA certificates currently being used is expired but the CA has since released newer versions of that certificate.
Verify the certificate bindings at the NetScaler Gateway to resolve this issue.
Firefox For Mac Certificate Not Recognized
To confirm this, visit the NetScaler Gateway website using a web browser, and examine the certificate chain in the web browser. You may wish to cross-check this by repeating with more than one web browser (such as with Google Chrome and Mozilla Firefox). Then, compare all the certificates in the browser's certificate chain with the certificate chain at NetScaler Gateway.
Note: Compare all the serial numbers in the certificates and not just the Subject Name. If there are any mismatches in intermediate certificates, this is a possible cause.
Update NetScaler Gateway with the corresponding intermediate certificates, as they appear in the web browser. You can export the intermediate certificates from the web browser. If you used more than one web browser, it is possible that they yield different certificate chains. If so, use the newer certificate chain.Firefox For Mac Certificate Not Recognized Supported
For more information about installing and linking an intermediate certificate with Primary CA on a NetScaler Gateway appliance, refer to CTX114146.
Problem Cause
The Receiver for Windows 4.7, Receiver for Mac 12.5, Receiver for Linux 13.6 and newer versions are going to validate the root certificates even if it trusts the intermediate, which is not the case with the browsers. If the browser trusts the intermediate, it trusts the server certificate, without going down to the root certificate and will display the newer version of the root from its certificate store and not the actual root certificate sent by the server or NetScaler Gateway.
In Receiver for Android 3.12.2, joint server certificate validation is turned off by default. If this policy is enabled in the Receiver without the correct set of certificates configured on the server/gateway, users may see the error message.
Additional Resources
CTX221453 - Citrix Receiver - SSL Error when connecting via NetScaler
Citrix Documentation - Receiver for Mac, Receiver for Android
CTX114146 - How to Install and Link Intermediate Certificate with Primary CA on NetScaler Gateway
