Citrix Client SSL Error Codes

This article provides information on Citrix Client SSL Error Codes.

To assist with troubleshooting, Citrix Technical Support has compiled a list of generic SSL error codes that the Citrix client might present the user or write in the Event log when an error occurs.

Important! This article is intended for use by System Administrators. If you are experiencing this issue and you are not a System Administrator, contact your organization’s Help Desk for assistance and refer them to this article.

Note: This list contains general information and might not fully explain the reason for your error. This information is provided “as is” and is not meant to be an official rendering of the SSL error code definitions. Refer to the Disclaimer for more information.

* 0 Everything is fine *
* 1 Redo handshake before other things *
* 2 Handshake loop is complete *
* 3 An error occurred that cannot be further defined *
* 4 An error occurred while reading *
* 5 An error occurred in the provider. No further information is available *
* 6 A required library is missing *
* 7 A required library has no entry point? *
* 8 Initialization (of whatever was being initialized, library) failed *
* 9 There is no memory left for the application to use *
* 10 Can’t locate your certificate. *
* 11 Your certificate isn’t in a format readable by the provider *
* 12 You do not have permission to access the specified certificate *
* 13 The SSL package isn’t there (SChannel specific) *
* 14 Can’t work to the cipher strength required *
* 15 The context has expired or isn’t properly initialized *
* 16 The buffer read isn’t a valid SSL packet *
* 17 The buffer read isn’t a valid socks 5 packet *
* 18 Your SSL packet has been modified illegally *
* 19 Your SSL packet is out of sequence *
* 20 The data received is not a complete packet *
* 21 The server response to socks hello is bad *
* 22 The server response to socks connect request is bad *
* 23 We do not support the given address type *
* 24 Send the given buffer, and terminate the communication (SChannel specific) *
* 25 Do socks 5 server side redirection before completing handshake (SChannel specific) *
* 26 Unable to open the specified keystore *
* 27 Unable to find the specified identity cert *
* 28 The socket given to a function is not of the right type (SChannel specific) *
* 29 The socks 5 handshake broke down in an unspecified manner *
* 30 The buffer supplied is not big enough for all the data *
* 31 The SDK context supplied is not valid for the function called *
* 32 The clients socks 5 hello is bad *
* 33 The clients connect request is bad *
* 34 The socks 5 command requested is not supported *
* 35 The socks 5 server refuses to redirect to the required destination *
* 36 The destination network requested is inaccessible *
* 37 The destination host requested is unreachable *
* 38 Connection to the destination host requested is refused *
* 39 The TTL on the packet sent the destination host requested expired *
* 40 The hostname could not be resolved *
* 41 A socket could not be created *
* 42 Connection to the host is refused *
* 43 A close notify alert was received *
* 44 An unexpected message alert was received *
* 45 A bad mac alert was received *
* 46 A decompression failure alert was received *
* 47 A handshake failure alert was received *
* 48 A no certificate alert was received *
* 49 A bad certificate alert was received *
* 50 An unsupported certificate alert was received *
* 51 A certificate revoked alert was received *
* 52 A certificate expired alert was received *
* 53 A certificate unknown (untrusted) alert was received *
* 54 An illegal parameter alert was received *
* 55 An unknown alert was received (probably TLS alert) *
* 56 Unable to set the CA certs verify path (OpenSSL specific) *
* 57 Unable to set identity certificate *
* 58 Unable to set private key *
* 59 The common name on the ID certificate is not what was expected *
* 60 (OpenSSL specific) a zero depth self signed cert was received *
* 61 (OpenSSL specific) a root cert to match the identity received could not be found locally *
* 62 (OpenSSL specific) a root cert to match the identity received could not be found at all *
* 63 (OpenSSL specific) a self signed cert was in the chain received *
* 64 (OpenSSL specific) unable to verify the signature on the leaf cert *
* 65 (OpenSSL specific) unable to decode the issuers public key *
* 66 (OpenSSL specific) unable to verify the signature on a cert *
* 67 (OpenSSL specific) the before field in the cert is corrupt *
* 68 (OpenSSL specific) the certificate is not yet valid *
* 69 (OpenSSL specific) the expiry field in the cert is corrupt *
* 70 (OpenSSL specific) the certificate has expired *
* 71 A method called is unimplemented *
* 72 The provider could not load any of the root certs in the keystore *
* 73 The provider could not load some of the root certs in the keystore *
* 74 Client authentication failed *
* 75 The connection timed-out *
* 76 A server certificate was revoked *
* 77 No CRL could not be retrieved for one of the certificates *
* 78 Revocation support is not available *

Additional Resources

Disclaimer

CITRIX MAKES NO REPRESENTATIONS OR WARRANTIES OF NONINFRINGEMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE WITH RESPECT TO THE INFORMATION IN THIS ARTICLE. THIS INFORMATION IS DELIVERED ON AN “AS IS” BASIS. YOU SHALL HAVE THE SOLE RESPONSIBILITY FOR ADEQUATE PROTECTION AND BACK-UP OF ANY DATA USED IN CONNECTION WITH THIS INFORMATION. IN NO EVENT SHALL CITRIX BE LIABLE FOR (i) SPECIAL, INDIRECT, DIRECT, INCIDENTAL OR CONSEQUENTIAL DAMAGES, OR (ii) ANY OTHER CLAIM, DEMAND OR DAMAGES WHATSOEVER RESULTING FROM OR ARISING OUT OF OR IN CONNECTION WITH THIS INFORMATION, WHETHER AN ACTION IN CONTRACT OR TORT, INCLUDING NEGLIGENCE, OR OTHERWISE.

Related:

  • No Related Posts

Leave a Reply