Reset Search
 

 

Article

KB40114 - Citrix StoreFront WebSocket error "Citrix Receiver cannot connect to the server"

« Go Back

Information

 
Last Modified Date2/19/2016 12:09 AM
Synopsis
When using HTML5 access for Citrix StoreFront through the PCS device, end users will receive the following error message:
 
Citrix Receiver cannot connect to the server

OR 
 
Citrix Receiver cannot create a secure connection in this browser



User-added image
Problem or Goal
Cause
In the web socket connection request header, PCS device will send the request to the backend with a parameter called "Origin".  This parameter will contain the PCS URL.
 
GET ws://abc.xyz.com/?encoding=text HTTP/1.1 <--- Back end URL
Origin: http://vpn.xyz.com    <---- Appliance's URL
Cookie: __utma=99as
Connection: Upgrade
Host: echo.websocket.org
Sec-WebSocket-Key: uRovscZjNol/umbTt5uKmw==
Upgrade: websocket
Sec-WebSocket-Version: 13


If this PCS URL (in the Origin parameter) is not added, under the WebSocket Trusted Origin Server List on the Citrix Server, the server will close the TCP connection causing the client browser to receive a '500 Internal Server Error'.  This is a security measure from the Citrix side.

User-added image
 
Solution
To resolve this issue, add the PCS URL to the "WebSocket trusted origin server list".
  1. Under Citrix Policy, go to Policy
  2. In the middle pane, under Policies, modify an existing policy or create a new policy
  3. In the right pane, click Actions > Edit Policy
  4. Edit Unfiltered window will appear, then type websoc and hit Enter.
  5. Select WebSock trusted origin server list
  6. Enter the PCS URL
  7. Click OK
For more information, please refer to WebSockets policy settings
Related Links
Attachment 1 
Created BySumanto Chakraborty

Feedback

 

Was this article helpful?


   

Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255