cancel
Showing results for 
Search instead for 
Did you mean: 

SSL err 59 when launching a Citrix app thru JSAM

SOLVED
Kath_
Occasional Contributor

SSL err 59 when launching a Citrix app thru JSAM

I have configured a web resource / link to a Citrix WebInterface (v4.6) using the Citrix web template.

The ICA clients are non-java and we selected to tunnel the traffic thru JSAM.

As specified in the documentation, I have listed the MetaFrame servers and it's port numbers, and also the csg (citrix secure gateway) server that is in use during the launch of applications on the webInterface. Everything looks fine until I try to start an application, -then I get the following error:

"Cannot connect to the Citrix Presentation server.

SSL Error 59: The server sent a security certificate identifying "csg.ourdomain.com", the SSL connection was to "127.0.2.3".

All different kinds of logs just say that it closes the connection to the csg.ourdomain.com server.

Example:

2008-08-29 17:05:33 Connected to csg.ourdomain.com port 443

2008-08-29 17:05:33 Closed connection to csg.ourdomain.com port 443 after 1 seconds, with 995 bytes read (in 2 chunks) and 240 bytes written (in 2 chunks)

Our system version is 6.2R1, (build 13255)

I have sent this to support but I do not get any good answers.

When i use WSAM instead of JSAM it works fine.

Any ideas anyone?

1 ACCEPTED SOLUTION

Accepted Solutions
Kath_
Occasional Contributor

Re: SSL err 59 when launching a Citrix app thru JSAM

JSAM cannot be used to tunnel data towards a Citrix farm that uses a csg-server. So this wasn't a bug or anything, but a matter of non-compatible configurations on Citrix vs Juniper

Smiley Mad

View solution in original post

4 REPLIES 4
kenlars_
Super Contributor

Re: SSL err 59 when launching a Citrix app thru JSAM

This is an error generated when the Presentation Server receives a SSL session initiation in which the URL does not match the name of the certificate on the server. I'm guessing that the JSAM Citrix implementation accesses the Presentation Server as 127.0.2.3 instead of csg.ourdomain.com.

This looks like a Juniper error to me. Push on JTAC. It should be simple for them to recreate the error.

A number of other people on the forum have commented on the bugginess of V6.2r1. I think 6.2r2 is imminent. You may want to try that.

DanSmart_
Contributor

Re: SSL err 59 when launching a Citrix app thru JSAM

JSAM is very "clumbsy" using a separte window to redirect. I suggest using Network Connect with an ACL that restricts it to your citrix server on ports 1494, 2598. Create the resource profile using JSAM as normal, but after adding it to your role, deselect SAM and check NC instead.
Kath_
Occasional Contributor

Re: SSL err 59 when launching a Citrix app thru JSAM

Thanks Dan, but we need Linux and Mac support, so Network Connect is not an option. (Or WSAM for that matter)
Kath_
Occasional Contributor

Re: SSL err 59 when launching a Citrix app thru JSAM

JSAM cannot be used to tunnel data towards a Citrix farm that uses a csg-server. So this wasn't a bug or anything, but a matter of non-compatible configurations on Citrix vs Juniper

Smiley Mad

View solution in original post