Citrix

Tango-document-new.png

Tango-document-new.png

This article is a stub.

Notes: Missing overview/explanation at top (Discuss in Talk:Citrix#)

Install from AUR

Tango-dialog-warning.png

Tango-dialog-warning.png

This article or section is out of date.

Reason: Citrix provides an automatic installer, see manual installation (Discuss in Talk:Citrix#)

Install Package

citrix-clientAUR x86 and x86_64 (multilib)

icaclientAUR x86_64

SSL connections are supported by default in both of these packages.

Update make dependencies for package lib32-libxaw (x86_64 only)

When installing the lib32-xaw dependency, a conflict will be signalled for the packages gcc, gcc-libs, and binutils.

Replace these packages with their multilib versions, but do not forget to reinstall them after icaclient has been succesfully installed

Set Firefox to use Citrix

Then set Firefox to use one the following programs to open .ICA files, depending on your architecture.

x86:

/usr/bin/citrix-client.sh

x86_64:

/opt/Citrix/ICAClient/wfica

Google Chromium

If you have problems launching Citrix applications with Chromium, just go to about:plugins and disable "Citrix Receiver for Linux".

Next, create /usr/share/applications/wfica.desktop (Exec path may vary based on package installed):

[Desktop Entry]
Name=Citrix ICA client
Comment="Launch Citrix applications from .ica files"
Categories=Network;
Exec=/usr/bin/wfica
Terminal=false
Type=Application
NoDisplay=true
MimeType=application/x-ica;

Now xdg-open will handle .ica extensions using /usr/bin/wfica.

Note: if you are running Xfce and Chromium is opening the .ica files in the wrong application (e.g. a text editor), make sure you have xorg-xprop installed.

Manual Install

Citrix Receiver (icaclient) Installation

  • Step 0. 64-bit Arch systems only - install 32-bit libs:

from Arch repositories: openmotif, lib32-libxmu, printproto, nspluginwrapper, lib32-alsa-lib, lib32-gcc-libs, lib32-libxft, lib32-gtk2, lib32-libxdamage, lib32-libpng12. From AUR: lib32-libxp, lib32-libxpm, lib32-libxaw, lib32-openmotif

Citrix has released a 64-bit version of the Citrix Receiver. You might try this version first (Navigate to [1], select the newest version, go to section "For 64-bit Systems")

  • Step 1. Download Citrix Receiver It can be found here. Choose the latest version of the x86 client in the .tar.gz format.
  • Step 2. Unpack the archive:
# tar zxvf en.linuxx86.tar.gz
./
./PkgId
./install.txt
./eula.txt
./readme.txt
./setupwfc
./linuxx86/
./linuxx86/hinst
./linuxx86/linuxx86.cor/
./linuxx86/linuxx86.cor/nls/
./linuxx86/linuxx86.cor/nls/en/
./linuxx86/linuxx86.cor/nls/en/UTF-8/
./linuxx86/linuxx86.cor/nls/en/UTF-8/Wfica
./linuxx86/linuxx86.cor/nls/en/UTF-8/Wfcmgr
... many more files ...
  • Step 3. Run setupwfc:
    # ./setupwfc
    (Follow all instructions prompted by setupwfc.)
  • Step 4. (Applies only for Firefox integration:)

The setup program should have made appropriate links to the "Citrix Receiver for Linux" plugin. You can check this as such:

# find / -name npica.so
/opt/Citrix/ICAClient/npica.so

Or you can check if your browser loads the plugin, in Firefox this can be done by typing "about:plugins" in the address bar. If you have a 64-bit version of Firefox, the plugin will not be loaded. You can check below what to do.

Create missing links as such:

# ln -s /opt/Citrix/ICAClient/npica.so /usr/lib/mozilla/plugins/
  • Step 6. Restart your browser

At this point, everything should work, including wfcmgr. In the case of Opera, integration should be automatic. The ICAClient will automatically be launched whenever you try to access a citrix-based application from either Firefox or Opera.

Note: If for some reason firefox prompts you for which application to use when opening a citrix-based application, use /opt/Citrix/ICAClient/wfica

Security Certificates

Because ICAClient uses SSL you may need a security certificate to connect to the server, check with the server administrator. If there is a certificate download and place it in /usr/lib/ICAClient/keystore/cacerts/.

You may then receive the error You have not chosen to trust the issuer of the server's security certificate. (SSL Error 61).

There may be several reasons for this:

You do not have the root Certificate Authority (CA) certificates.
These are already installed on most systems, they are part of the core package ca-certificates, but they are not where ICAClient looks for them. Copy the certificates from /etc/ssl/certs/ to /usr/lib/ICAClient/keystore/cacerts/. For Citrix versions before 13.1, run the following command as root:
# ln -sf /etc/ssl/certs/* /opt/Citrix/ICAClient/keystore/cacerts/
Since versions 13.1, Citrix needs the certificates in separate files. You need to run the following commands as root:
# cd /opt/Citrix/ICAClient/keystore/cacerts/
# cp /etc/ssl/certs/ca-certificates.crt .
# awk 'BEGIN {c=0;} /BEGIN CERT/{c++} { print > "cert." c ".pem"}' < ca-certificates.crt
You may also need to download your CA's intermediate certificates and store them in the same directory.
Your server is using a certificate with a SHA-2 hash for the Signature Algorithm.
Microsoft has mandated that any certificates with an expiry date of 2017 or later must use a SHA-2 hash[2]. You may either:
  1. Upgrade your client to 13.1 or later. Citrix now supports SHA-2 hashes in the ICA client version 13.1.0.285639.
  2. Contact your CA and have your certificate re-keyed with a SHA-1 hash.