Citrix Workspace For Chrome



downloadWhy can't I download this file?

Applicable Products

  • Receiver for HTML5
  • Receiver for Chrome

Symptoms or Error

Workspace

Connection to StoreFront/VDA will fail and may show cannot connect to server error or some SSL Certificate error in console logs. One of the reason could be invalid SSL certificate.

Applicable Products:

Citrix Receiver for HTML5, Citrix Receiver for Chrome, Citrix Workspace app for Chrome, Citrix workspace app for HTML5

Solution

Recommended solution: Update the certificates.

Alternatively, you can try this workaround:

Citrix

  1. Close the Citrix Workspace app for Chrome / Citrix Receiver for Chrome.

  2. Open Chrome browser in your Chromebook.

  3. Visit your site.

  4. It will show some error as below. Hp scanjet 3570c driver.

Now, open the Citrix Workspace app for Chrome or Citrix Receiver for Chrome and it might allow you to access your StoreFront/VDA.

Citrix Workspace For Chromebook

Workspace

Citrix Workspace For Chrome Os

Other possible workaround for specific certificate error:

Citrix Workspace For Chromebook

  1. NET::ERR_CERT_WEAK_SIGNATURE_ALGORITHM error
    Latest Firefox and Chrome browsers do not support SHA-1 certificate and StoreFront connection fails with error: NET::ERR_CERT_WEAK_SIGNATURE_ALGORITHM
    Citrix Receiver for Chrome/HTML5 or Citrix Workspace app for Chrome/HTML5 cannot establish secure connection and session launch will fail

  2. NET::ERR_CERT_COMMON_NAME_INVALID error
    Chrome requires Subject Alternative Name for SHA-2 certificate, without SAN (Subject Alternative Name) in the SHA-2 certificate, the connection will fail with error NET::ERR_CERT_COMMON_NAME_INVALID
    Session launch fails with CERT_COMMON_NAME_INVALID(-200) error dialog
    Workaround for NET::ERR_CERT_WEAK_SIGNATURE_ALGORITHM and
    NET::ERR_CERT_COMMON_NAME_INVALID:

    • Mozilla:

      Enable network.websocket.allowInsecureFormHTTPS from about:config

    • Chrome:
      Chrome by default requires SHA2 Certificate with Subject Alternative Names (SAN)
      Add the following registry keys at : SoftwarePoliciesGoogleChrome

    • EnableCommonNameFallbackForLocalAnchors – true
      (Note: Chrome need SAN by default)

    • EnableSha1ForLocalAnchors – true
      (Note: SHA1 is not supported)
      Recommended Solution: Use SHA2 certificates with Subject Alternative Names (SAN).

      Problem Cause:

    • CTX134123 - Receiver for HTML5 - Unable to Launch Apps Using HTTPS URL

    • CTX217352 - How to Collect Logs in Receiver for Chrome and Receiver for HTML5 Microsoft office 2003 bittorrent.

  3. NET::ERR_CERT_SYMANTEC_LEGACY
    From Chrome OS version 66 onwards the SSL certificate from Symantec is distrusted. You can go through https://security.googleblog.com/2018/03/distrust-of-symantec-pki-immediate.html to know more about it.
    Workaround: Try general workaround mention above.
    Recommended Solution: Update SSL certificates.

Problem Cause

Citrix Workspace For Chrome

  • CTX134123 - Receiver for HTML5 - Unable to Launch Apps Using HTTPS URL

  • CTX217352 - How to Collect Logs in Receiver for Chrome and Receiver for HTML5