Fujitsu eLux NG S26361-F2600-L134 User Manual
Product codes
S26361-F2600-L134
www.
myelux
.com
eLux
®
NG
Build # 27
124
4.2.9 Citrix Secure Gateway
You can use certificate-based server authentication to ensure that the server you are
connecting to is genuine.
To use Secure Sockets Layer (SSL) or Transport Layer Security (TLS) to connect to a Citrix
Secure Gateway server, you need a root certificate on the client machine that can verify the
signature of the Certificate Authority (CA) on the server certificate. The following CA
certificates are automatically installed with the Citrix ICA client:
connecting to is genuine.
To use Secure Sockets Layer (SSL) or Transport Layer Security (TLS) to connect to a Citrix
Secure Gateway server, you need a root certificate on the client machine that can verify the
signature of the Certificate Authority (CA) on the server certificate. The following CA
certificates are automatically installed with the Citrix ICA client:
Certificate
Issuing Authority
Class3PCA_G2_v2.crt
VeriSign Trust Network
Class4PCA_G2_v2.crt
VeriSign Trust Network
BTCTRoot.crt
Baltimore Cyber Trust Root
GTECTGlobalRoot.crt
GTE Cyber Trust Global Root
GTECTRoot.crt
GTE Cyber Trust Root
Pcs3ss_v4.crt
Class 3 Public Primary Certification Authority
SecureServer.crt
Secure Server Certification Authority
TC_RootServer_DER_Class2.crt
Class 2 TC TrustCenter Certification Authority
Figure 72: CA certificates for Citrix ICA
You are not required to obtain and install root certificates on the client machine to use the
certificates from these CAs. However, if you choose to use a different CA, you must obtain
and install a root certificate from the CA on each client machine.
Warning
Certificate key lengths of greater than 2048 bits are not supported by the Citrix ICA
Client for Linux. Ensure that the bit lengths of the CA root certificates, intermediate certificates
and server certificates do not exceed this size.
and server certificates do not exceed this size.
Save root CA certificates to /setup/cacerts.
Note
Sometimes the Citrix literature tells you to save the CA certificate to the client directory
/usr/lib/ICAClient/keystore/cacerts. This directory is read-only. Save it to /setup/cacerts
instead. A symbolic link will refer the program to the correct directory.
instead. A symbolic link will refer the program to the correct directory.
Certificates can be transferred to many clients using Scout Enterprise file transfer feature.
For more information on the Scout Enterprise management tool, see the Scout Enterprise
Administrator’s Guide
.
4.2.10 Tool xcapture
To use this feature, you must have the “Utils for ICA Client” (icautils) package installed. It is
located in the “ICA client” (ica) package.
The Citrix ICA Client for Linux includes a helper application, xcapture, that allows you to
exchange graphical data between the MetaFrame server clipboard and non-ICCCM-compliant
X Windows applications on the X desktop. You can use xcapture to:
located in the “ICA client” (ica) package.
The Citrix ICA Client for Linux includes a helper application, xcapture, that allows you to
exchange graphical data between the MetaFrame server clipboard and non-ICCCM-compliant
X Windows applications on the X desktop. You can use xcapture to:
• Grab dialog boxes or screen areas and copy them between the UNIX desktop (including
non-ICCCM-compliant applications) and an application running in an ICA Client window.