We just installed a Citrix Access Gateway with a Comodo SSL certificate and while everything seems to work fine for most people, we are getting users who cannot launch a Citrix session due to the following error.
SSL Error 61: You have not chosen to trust “COMODO High Assurance Secure Server CA”, the issuer of the server’s security certificate.
We tested successfully using IE and firefox and can see the certificate hierarchy/chain in the browsers that work, but users (mostly on personal computers) running Firefox, Safari etc, are getting this error. To fix it we’re having to manually install the intermediate certificate on their computers.
Is there something wrong with our certificate? Why do some people have this issue while other’s using the same browser do not? My only theory is that some people havent installed the windows update that Microsoft releases every so often that updates the list of trusted root certificates and the people having the problems have not.
The server is only presenting the server certificate and no others. Thus, when Citrix connects, it puts up that message. Please ensure you are installing the FULL certificate hierarchy in the CAG.
It doesn’t have anything to do with KB931125 (Root Updates) at this time.