Posts Tagged ‘certificates’

Citrix Receiver: You have not chosen to trust “COMODO High-Assurance Secure Server CA”, the issuer of the server’s certificate

Written by Ingmar Verheij on January 24th, 2014. Posted in Citrix

Citrix ReceiverRecently I started using a MacBook to replace my Windows laptop. Since I work as a technical consultant with Citrix products I frequently connect to a Citrix XenApp / XenDesktop environment, amongst other to our lab.

While the installation was straightforward (just go to and click on Download Reveiver for Mac) I quickly faced a dialog telling me I haven’t chosen to trust the CA certificate with no option to solve this…

You have not chosen to trust , the issuer of the server's certificate

Hybrid local profile with RES Workspace Manager

Written by Ingmar Verheij on August 5th, 2013. Posted in Workspace management

In a virtual desktop environment the profile solution provided by Microsoft, the roaming profile,  is not sufficient. With the “Zero Profile Technology” RES Workspace Manager has a feature that captures users settings and injects them whenever needed, offering a more flexible solution than the roaming profile. More importantly only the required settings are captured and profile bloating and corruption is prevented.

Of course RES Software can’t replace the Windows profile so you end up with a hybrid solution, also referred to as a “hybrid profile”. Theoretically you can use any of flavor of the Microsoft profile solutions: local, roaming or mandatory and add the RES feature on top. A common used hybrid solution is a mandatory profile + RES Workspace Manager, but as Wilco van Bragt mentioned in his article about alternatives for the mandatory profile (link) this has it drawbacks.

Certificate enrollment for failed to enroll for a VUserAuthentication certificate with request ID N/A from Issuing 1 CA (The profile for the user is a temporary profile. 0x80090024 (-2146893788)).One of the biggest “challenges” with mandatory profiles, or roaming profiles where cached copies are deleted, is the use of certificates. Especially if you use auto-enrollment of certificates. What we’re looking for in a profile are the following characteristics:

  • Works with certificates – as described above
  • Removed after logoff – to prevent the computer from filling up with garbage
  • Stateless – or non-persistent. In other words, it does not store changes made by the user. Each time a user starts a session it should consist of the exact same settings, the profile solution (RES Workspace Manager) will inject the settings.

As Wilco describes in his article the local profile is the best candidate for a hybrid profile. But the local profile has one drawback: it persists on the computer.