Relax the cipher suites to see if that makes a difference. If high security ciphers are used, this issue may occur.
#.ica citrix plugin update#
If frequently patched, the client will most probably have the latest and update Root CA’s from various public CAs.
To fix this, you will need to change a DNS parameter in XenApp/XenDesktop 7.x farms. This setup will NOT work for DirectAccess connections. The below screenshot is of an ICA file that shows IP addresses. So, we will need to find a way to switch that behaviour to an FQDN based connection initiation. By default, Citrix XenApp tries to connect on IP addresses to bypass the infrastructure reliance on DNS. When you have DirectAccess enabled on user PCs, it expects hostname/FQDN values for initiating traffic between the client and the DA gateway. The users who connect directly to Storefront without DirectAccess have no issues to launch applications. Users will also notice the below Citrix Receiver dialog with no apparent error messages. Users would be able to connect to Storefront portal and authenticate themselves but when they try to launch applications it fail.
If you have implemented DirectAccess for your users so that they could connect to corporate network whilst they work from home, you might have come across this issue while using Citrix.