Tagged: 3040, certificate, citrix, ThinsOS9
- This topic has 18 replies, 9 voices, and was last updated 3 years, 6 months ago by
edv-hotline.
-
AuthorPosts
-
September 25, 2020 at 3:24 pm #53152
Hi,
We are facing the following issue after upgrading our Wyse 3040s from ThinOS8.6 to ThinOS 9:
After successfully upgrading to the latest firmware, the client fails to contact our Citrix broker, showing the following error message: “self signed certificate in certificate chain.”
All required certificates have been applied using the WMS. We managed to fix that error by simply removing the available certificate from the local client. The login works like a charm right after a reboot.
Is this a known issue? Anything we need to adjust in our WMS? For sure, we don’t want to manually adjust each client as we use an entire fleet.
The upgrade has been conducted by updating from version 8.5 to 8.6. The final upgrade to 9.0 was applied afterwards.
Here’s the client log with the errors mentioned above:
2020-09-25T07:20:55.955Z:[INFO] [Citrix storefront]: request error => Error: self signed certificate in certificate chain
2020-09-25T07:20:55.957Z:[INFO] [Citrix storefront]: roaming() error => Error: self signed certificate in certificate chain
2020-09-25T07:20:55.957Z:[INFO] [Citrix storefront]: login failed error => Error: self signed certificate in certificate chain
2020-09-25T07:20:55.963Z:[INFO] [vdimgr] tryLogin [https://Citrix Broker URL] err => Error: self signed certificate in certificate chain
2020-09-25T07:20:55.964Z:[ERROR] [vdimgr] tryTask error => Error: self signed certificate in certificate chain
2020-09-25T07:20:55.965Z:[ERROR] [vdimgr] tryTask error => Error: self signed certificate in certificate chainOctober 1, 2020 at 2:46 pm #53179This looks like a certificate issue.
What 9.0 version are you using?CG
October 2, 2020 at 3:44 am #53203I’m seeing/having the same issue “Error: self signed certificate in certificate chain”.
ThinOS version 9.0.3030 with Citrix 2006_1130 pkg. Same terminal works from External. When brought into the Internal LAN, that’s when the error occurs. Makes no sense as it’s hitting the same Netscaler Gateway VIP from inside and outside. What is thinOS/workspace checking during prior to connecting?
October 14, 2020 at 12:07 pm #53286we got the same issue.
thinos 8.6 works fine with our root certificate, upgrade to the latest thinos 9.x produces the certificate error, removing local stored certificate, reboot, obtain the same certificate by wms and it works again.
that is a bad issue if you want to upgrade all devices, because actually we have to do this workaround on any device
December 10, 2020 at 3:34 pm #53782any new thoughts on this?
December 10, 2020 at 5:33 pm #53787Are the time and date correct on the ThinOS 9 device?
CG
December 11, 2020 at 7:46 am #53811Yes time and date are correct. if we delete the root cert and install it again it works. same certificate
December 20, 2020 at 6:02 pm #53869What ThinOS 9.0 version are you using? What is your upgrade path?
CG
December 21, 2020 at 4:12 pm #53900First we upgrade from 8.6_206 to Version 9.0_011.36 and after that to the version V9.0.3030
the issue occurs also on 9.0_011.36, uninstall and install again the certificate works, but is not the way we want to do this ^^December 22, 2020 at 4:47 pm #53915Have you checked with Dell support already?
Have you added the certificate to the 9.x policy also?
CG
January 6, 2021 at 1:00 pm #54006we will open a case for that issue.
yes we added the certificate also to the 9.x policy
January 6, 2021 at 1:15 pm #54010I have had the same issue, working fine with WTOS 8.6 and not with 9.
Turned out that I was missing a root cert from our PKI in the chain.January 6, 2021 at 1:19 pm #54012okay, but what i do not understand is, that if we manually uninstall the policy-based installed certificate and install the same certificate again by policy it works ^^
January 6, 2021 at 1:23 pm #54016I’m receiving mail notification for that thread but haven’t subscribed to it nor participated.
can you remove me please?
January 6, 2021 at 1:27 pm #54024Yep I’m getting notifications for all replies. Also when I login I seem to have Site Admin access. Might want to fix that pretty quickly!
-
AuthorPosts
- You must be logged in to reply to this topic.