From owner-freebsd-questions@FreeBSD.ORG Thu Jul 1 16:05:26 2010 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E491D1065673 for ; Thu, 1 Jul 2010 16:05:25 +0000 (UTC) (envelope-from andrewlylegould@gmail.com) Received: from mail-iw0-f182.google.com (mail-iw0-f182.google.com [209.85.214.182]) by mx1.freebsd.org (Postfix) with ESMTP id AB66D8FC1B for ; Thu, 1 Jul 2010 16:05:25 +0000 (UTC) Received: by iwn9 with SMTP id 9so2627787iwn.13 for ; Thu, 01 Jul 2010 09:05:25 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:received:date:message-id :subject:from:to:content-type; bh=mZc/2BO6J4Aj5n5OlEAlz/YQwI6RBsFYSC45B0eAjwE=; b=wmL0urhZz0x8qeWx3t1DoxdcBEcIjBmtgCxra4+6pSIc6zf4rubqAB7K0k0XbBl+79 mXtGO1X/gKGKnuDHiMlQg21ACynVki1TlBGYfN409VmIqxGnt9Zn3Adb5cnMjzgpLu66 ziC2HTs7SyTYa/8JtDS+x3325rEhqJ7TutbO4= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:date:message-id:subject:from:to:content-type; b=MeuqkfaaEILdszPGBxi1DdqqAewfElZCEZxlAa1LwvHD+wSJDuJvKABIN2MFILxEnV 3qoTbqgg+9pNmCIeRQfyVO3TobK/z5uLqZhCSCBPEO0C2CQRD/14XHOwDfzmoC6DHC7+ 7mfjcDAZlEeS37sjsUllU0Nw7V0nebj4RAILc= MIME-Version: 1.0 Received: by 10.42.7.210 with SMTP id f18mr3510569icf.9.1278000324833; Thu, 01 Jul 2010 09:05:24 -0700 (PDT) Received: by 10.231.15.73 with HTTP; Thu, 1 Jul 2010 09:05:24 -0700 (PDT) Date: Thu, 1 Jul 2010 11:05:24 -0500 Message-ID: From: Andrew Gould To: FreeBSD Mailing List Content-Type: text/plain; charset=ISO-8859-1 Subject: java citrix client on seamonkey X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 01 Jul 2010 16:05:26 -0000 I'm trying to access applications on my employer's network via Citrix. I'm using seamonkey as my browser on FreeBSD 7.3 Release. I have installed diablo-jdk-freebsd7.i386.1.6.0.07.02.tbz. and the icedtea6-stubs package. My employer's website for Citrix access facilitates the installation of the Java client for Citrix. When I try to open an application, I get a message stating that I haven't chosen to trust GlobalSign Root CA. I installed the certificates in seamonkey; but I still get the error message. The details of the error are here: x.sdk.jsse.CitrixSSLException: You have not chosen to trust "GlobalSign Root CA", the issuer of the server's security certificate. at com.citrix.sdk.jsse.SocketFactory.createSslSocket(Unknown Source) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at com.citrix.client.io.net.ip.proxy.o.a(Unknown Source) at com.citrix.client.io.net.ip.z.a(Unknown Source) at com.citrix.client.io.net.ip.z.a(Unknown Source) at com.citrix.client.module.td.tcp.TCPTransportDriver.s(Unknown Source) at com.citrix.client.module.td.TransportDriver.run(Unknown Source) at java.lang.Thread.run(Thread.java:619) Caused by: javax.net.ssl.SSLHandshakeException: com.citrix.sdk.jsse.i at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1591) at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:187) at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:181) at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:975) at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:123) at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:516) at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:454) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:884) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1096) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1123) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1107) ... 11 more Caused by: com.citrix.sdk.jsse.i at com.citrix.sdk.jsse.a.a(Unknown Source) at com.citrix.sdk.jsse.a.a(Unknown Source) at com.citrix.sdk.jsse.a.a(Unknown Source) at com.citrix.sdk.jsse.c.checkServerTrusted(Unknown Source) at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:967) ... 18 more Does this mean the certificate(s) need to be installed somewhere in Java? If so does anyone know how to do this? I had the same problem on Xubuntu 9.10 but success on Xubuntu 10.4 using seamonkey, openjdk and the icedtea plugin. I would have tried using openjdk on FreeBSD; but I didn't know if it would do any good (or cause problems) since icedtea6-stubs requires diablo. Thanks, Andrew