Error 82 on a Citrix client
Citrix has documented this issue. To troubleshoot, you'll have to use corrected versions of its products:
Cannot connect to the Citrix xxx Server. SSL Error 82: The security certificate "AddTrust External CA Root" is not suitable for use in SSL connections. Reaseon : Unsuitable Netscape Usage Extension field.Other solution?
If you have a TBS X509 certificate, you'll have to change the intermediate root that has been installed with the .p7b file. Do not install:http://www.tbs-x509.com/AddTrustUTNServerCA.crt
Common Name: AddTrust External CA Root
Validity date: 2019-07-09
Serial number: 1C CE 44 62 95 19 7A 9D 63 52 F9 F2 23 A9 B6 98
but:
http://www.tbs-x509.com/AddTrustUTNLegacyCA.crt
Common Name: AddTrust External CA Root
validity date: 2019-07-09
Serial number: 3D 02 7B 2F B9 2E 66 5C 62 22 F8 D6 32 BC 7F B8
To do so, launch the MMC as explained here (step 1):
Install intermediate and root certificates manually
Go to Intermediate Certification Authorities. in the list, search for "AddTrust External CA Root". If you find it, delete it.
Now add the certificate (right click / All Tasks / Import):
http://www.tbs-x509.com/AddTrustUTNLegacyCA.crt
Restart your le Citrix Secure Gateway. Citrix client should now be able to get connected.
Last edited on 07/03/2020 12:09:10 --- [search]