So you are launching a Citrix XenApp Application and your application will not open.  You are stopped in your tracks with an SSL Error 61 on your screen.  The root cause of this is a missing Trusted Root or Intermediate Certificate on your PC.

[wp_ad_camp_1]

Here are some the considerations for resolving this issue.

  • Determine if you are using SHA1 or SHA2 certificates.  Typically you will be using SHA1 if the certificate if the certificate expires before the end of 2016.  SHA2 will be the standard after that; however, if you are ordering 3 year certificates today you will be provided with a SHA2 certificate.  http://technet.microsoft.com/en-us/security/advisory/2880823
  • SHA1 certificates will require a trusted root certificate to resolve
  • SHA2 certificates will require an intermediate certificate to be loaded

This article will focus on the steps to resolve SSL Error 61 error using Digicert SHA2 certificates.

1)      Open Internet Explorer go to https://www.digicert.com/digicert-root-certificates.htm

2)      Download the Intermediate Certificate called  “DigiCert SHA2 High Assurance Server CA” or the appropriate certificate for your environment and save your PC or a network location

3)      Go to Start, Search from your Windows 7 workstation

4)      Type MMC and press enter

ssl61pic1

5)      From the menu select, Add/Remove SnapIn

6)      Select Certificates and click “Add”, then click OK

ssl61pic2

7)      Choose Computer Account and click Next

ssl61pic3

8)      Choose Local Computer and click finish and click OK

ssl61pic4

9)      Expand Intermediate Certificates and click on Certificates.

10)    Right-click on Certificates, then selectAll Tasks, and click Import

ssl61pic5

11)      Click Next on the Certificate Import Wizard

ssl61pic6

12)      Click Browse and go to the location of the downloaded certificate and then click Next

ssl61pic7

13)      Click Next

ssl61pic8

14)      Click Finish

ssl61pic9

15)     Test the application to verify the SSL Error 61 error has gone away