- Download the Citrix Workspace app from the official website.
- Install using dpkg:
$ cd Downloads $ sudo dpkg -i Citrix-Workspace.deb
Installing a CA Certificate
The pre-installed certificates might work for you. If you get errors when trying to use Citrix, then you’ll likely need to install a CA certificate.
- Go to the VPN website you use Citrix for.
- Click on the lock in front of the url
- Click on certificate (Chrome) or Connection Secure (Firefox)
- Note the authority under Issued By (Chrome) or Verified By (Firefox)
- For example, the certification authority might be: DigiCert TLS RSA SHA256 2020 CA1
- Search for DigiCert TLS RSA SHA256 2020 CA1 in your favorite search engine.
- Select the official site that allows you to download the relevant certificates.
- Download both the PEM and the CRT files.
- Do the following:
$ sudo cp ~/Downloads/DigiCertTLSRSASHA2562020CA1-1.pem /opt/Citrix/ICAClient/keystore/cacerts $ sudo chmod 644 /opt/Citrix/ICAClient/keystore/cacerts/DigiCertTLSRSASHA2562020CA1-1.pem $ sudo /opt/Citrix/ICAClient/util/ctx_rehash
Note: The instructions on the Citrix website seem to be incorrect. It tells you to cp the pem file with a crt extention, even though every other file in the directory is a PEM file. The above copies to the default Citrix directory on Ubuntu, changes the file permissions to -rw-r–r–, and rehashes the new certificate so Citrix can use it.
X.509 Certificate for Chrome or Firefox Browsers
I’m not sure if this is strictly necessary, but it might also be helpful to import the X.509 certificate into Chrome or Firefox. For Chrome (Firefox is similar), do the following:
- Go to the three dots (hamburger)
- Select Chrome settings
- Search for: certificate
- Click on Security
- Click on Manage Certificates
- Click on Authorities
- Click on Import
- Select ~/Downloads/DigiCertTLSRSASHA2562020CA1-1.crt
- Select all three options.