X
Tap here to go to the mobile version of the site.

Support Forum

How do I fix SSL error 61 (Linux OS)

Posted

Every time I try to connect to my internal website from a Linux OS Thin Client I recieve the SSL error 61. Firefox is the only browser on the Thin Client. There are no issues connecting from Non-Linux systems on any browser including Firefox.

Error Below: SSL error Contact your help desk with the following information: You have not chosen to trust " Go Daddy Secure Certificate Authority - G2", the issuer of the server's security certificate (SSL error 61).

How do I fix this error? I have already tried installing the cert manually to the client.

Every time I try to connect to my internal website from a Linux OS Thin Client I recieve the SSL error 61. Firefox is the only browser on the Thin Client. There are no issues connecting from Non-Linux systems on any browser including Firefox. Error Below: SSL error Contact your help desk with the following information: You have not chosen to trust " Go Daddy Secure Certificate Authority - G2", the issuer of the server's security certificate (SSL error 61). How do I fix this error? I have already tried installing the cert manually to the client.

Chosen solution

Cor-el: This does solve the issue for SHA1 certs.


I have added the certificate to the Citrix DB. I finally found the issue after researching the forums of Citrix and other various sites.

This issue is the cert itself, we purchased a cert and uses SHA2, however the Linux Citrix Receiver does not support SHA2 at this point.

So the only resolution is to either Re-Key the cert to use SHA1 or wait for an update from Citrix.

Thank you both for your time.

c

Read this answer in context 0

Additional System Details

Installed Plug-ins

  • Shockwave Flash 11.1 r102
  • Citrix HDX Plugin (Linux) Version 13.0.0.256735 (/.flash/root-cow/usr/lib/ICAClient/wfica)
  • MozPlugger version 1.14.3, maintained by Louis Bavoil and Peter Leese, a fork of plugger written by Fredrik Hübinette.For documentation on how to configure mozplugger, check the man page. (type man mozplugger) Configuration file:/etc/mozpluggerrc Helper binary:mozplugger-helper Controller binary:mozplugger-controller Link launcher binary:mozplugger-linker

Application

  • Firefox 24.0
  • User Agent: Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:24.0) Gecko/20100101 Firefox/24.0
  • Support URL: https://support.mozilla.org/1/firefox/24.0/Linux/en-US/

Extensions

  • Troubleshooter 1.1a (troubleshooter@mozilla.org)

Javascript

  • incrementalGCEnabled: True

Graphics

  • adapterDescription: VIA Technologies, Inc. -- Gallium 0.4 on Chrome9
  • adapterDeviceID: Gallium 0.4 on Chrome9
  • adapterDrivers:
  • adapterRAM:
  • adapterVendorID: VIA Technologies, Inc.
  • driverDate:
  • driverVersion: 1.4 Mesa 7.11.2
  • info: {u'AzureCanvasBackend': u'cairo', u'AzureFallbackCanvasBackend': u'none', u'AzureContentBackend': u'none'}
  • numAcceleratedWindows: 0
  • numAcceleratedWindowsMessage: [u'blockedGfxCard']
  • numTotalWindows: 1
  • webglRendererMessage: [u'blockedGfxCard']
  • windowLayerManagerRemote: False
  • windowLayerManagerType: Basic

Modified Preferences

  • browser.cache.disk.capacity: 50000
  • browser.cache.disk.smart_size.enabled: False
  • browser.cache.disk.smart_size.first_run: False
  • browser.cache.disk.smart_size.use_old_max: False
  • browser.cache.memory.capacity: 10000
  • browser.places.smartBookmarksVersion: 4
  • browser.search.update: False
  • browser.sessionstore.enabled: False
  • browser.startup.homepage_override.buildID: 20130911160237
  • browser.startup.homepage_override.mstone: 24.0
  • extensions.lastAppVersion: 24.0
  • network.cookie.prefsMigrated: True
  • places.database.lastMaintenance: 1411563830
  • places.history.expiration.transient_current_max_pages: 4209
  • plugin.disable_full_page_plugin_for_types: application/pdf
  • plugin.importedState: True
  • privacy.sanitize.migrateFx3Prefs: True
  • storage.vacuum.last.index: 0
  • storage.vacuum.last.places.sqlite: 1411563829

Misc

  • User JS: No
  • Accessibility: No
jscher2000
  • Top 10 Contributor
7435 solutions 60685 answers

With Citrix? I do see threads on that on the web:

error-61 "You have not chosen to trust"

The discussion seems to be outside the scope of Firefox support, but it could be that I just don't understand it very thoroughly.

With Citrix? I do see threads on that on the web: [https://www.google.com/search?q=error-61+%22You+have+not+chosen+to+trust%22 error-61 "You have not chosen to trust"] The discussion seems to be outside the scope of Firefox support, but it could be that I just don't understand it very thoroughly.

Question owner

It is connecting through a Citrix Receiver but that should be irreverent as the certs are installed through Firefox and are handled, and Firefox is the application displaying that the CA is not trusted.

I guess what I'm getting at is for some reason the CA is not trusted, how do I force Firefox to realize that the CA is trusted even though I have installed the Root cert already. I have contacted Citrix and they said this is not their issue, HP has no idea why. The last party I have not contacted is Firefox. Maybe I'm just grasping at straws here?

It is connecting through a Citrix Receiver but that should be irreverent as the certs are installed through Firefox and are handled, and Firefox is the application displaying that the CA is not trusted. I guess what I'm getting at is for some reason the CA is not trusted, how do I force Firefox to realize that the CA is trusted even though I have installed the Root cert already. I have contacted Citrix and they said this is not their issue, HP has no idea why. The last party I have not contacted is Firefox. Maybe I'm just grasping at straws here?
jscher2000
  • Top 10 Contributor
7435 solutions 60685 answers

Hmm, I don't think that error message is generated by Firefox...

Are you getting the usual two or three-part error page with a Technical Details section? If so, please copy the contents of that section and paste it in a reply.

Hmm, I don't think that error message is generated by Firefox... Are you getting the usual two or three-part error page with a Technical Details section? If so, please copy the contents of that section and paste it in a reply.

Question owner

No, it does not have the error page. I did however just notice that the prompt is being displayed by Receiver. So, I can rule out Firefox causing the issue. Although the browser does connect to the Receiver hence my thinking that Firefox was causing an issue.

Thank you for you time and helping me talk thought this with a fresh pair of eyes so to speak.

No, it does not have the error page. I did however just notice that the prompt is being displayed by Receiver. So, I can rule out Firefox causing the issue. Although the browser does connect to the Receiver hence my thinking that Firefox was causing an issue. Thank you for you time and helping me talk thought this with a fresh pair of eyes so to speak.
cor-el
  • Top 10 Contributor
  • Moderator
16390 solutions 147861 answers

You would have to add this certificate to the Citrix certificate database.

You would have to add this certificate to the Citrix certificate database. *http://support.citrix.com/search?searchQuery=SSL+error+61&Submit.x=0&Submit.y=0

Chosen Solution

Cor-el: This does solve the issue for SHA1 certs.


I have added the certificate to the Citrix DB. I finally found the issue after researching the forums of Citrix and other various sites.

This issue is the cert itself, we purchased a cert and uses SHA2, however the Linux Citrix Receiver does not support SHA2 at this point.

So the only resolution is to either Re-Key the cert to use SHA1 or wait for an update from Citrix.

Thank you both for your time.

c

Cor-el: This does solve the issue for SHA1 certs. I have added the certificate to the Citrix DB. I finally found the issue after researching the forums of Citrix and other various sites. This issue is the cert itself, we purchased a cert and uses SHA2, however the Linux Citrix Receiver does not support SHA2 at this point. So the only resolution is to either Re-Key the cert to use SHA1 or wait for an update from Citrix. Thank you both for your time. c