Citrix Workspace app for Android
• “Example Server Certificate”
• “Example Intermediate Certificate”
• “Example Root Certificate”
Then, Citrix Workspace app for Android verifies if all these certificates are valid. Citrix Workspace app
for Android also verifies if it already trusts an “Example Root Certificate”. If Citrix Workspace app for
Android does not trust “Example Root Certificate,”the connection fails.
Important
Some certificate authorities have more than one root certificate. If you requirethis stricter valida‑
tion, make sure that your configuration uses the appropriate root certificate. For example, there
are currently two certificates (“DigiCert”/ “GTE CyberTrust Global Root,”and “DigiCert Baltimore
Root”/ “Baltimore CyberTrust Root”) that can validate the same server certificates.
On some user devices, both root certificates are available. On other devices, only one is avail‑
able (“DigiCert Baltimore Root”/ “Baltimore CyberTrust Root”). If you configure “GTE CyberTrust
Global Root”at the gateway, Citrix Workspace app for Android connections on those user devices
fail. Consult the certificate authority’s documentation to determine which root certificate can be
used. Also note that root certificates eventually expire, as do all certificates.
Note:
Some servers and Citrix Gateway never send the root certificate, even if configured. Stricter vali‑
dation is then not possible.
Now suppose that a gateway is configuredby using these validcertificates. This configuration, without
the root certificate, is normally recommended:
• “Example Server Certificate”
• “Example Intermediate Certificate”
Citrix Workspace app for Android uses these two certificates. It then searches for a root certificate on
the user device. If it finds one that validates correctly, and is also trusted, such as “Example Root Cer‑
tificate”, the connection succeeds. Otherwise, the connection fails. This configuration supplies the
intermediate certificate that Citrix Workspace app for Android needs, but also allows Citrix Workspace
app for Android to choose any valid, trusted, root certificate.
Now suppose that a Citrix Gateway is configured by using these certificates:
• “Example Server Certificate”
• “Example Intermediate Certificate”
• “Wrong Root Certificate”
Citrix Workspace app for Android reads the wrong root certificate, and the connection fails.
© 1999–2024 Cloud Soware Group, Inc. All rights reserved. 17