Product Documentation

About this release

Mar 03, 2015

Citrix Receiver for Linux is a software client that lets you access your desktops, applications, and data easily and securely from many types of Linux devices. Working with a Citrix-enabled IT infrastructure, Receiver gives you the mobility, convenience, and freedom you need to get your work done.

This topic lists new features in Receiver for Linux Version 13.1, as well as known issues in this version, and a link to fixed issue lists for this and earlier versions.

What's new in version 13.1

The following features are new in Receiver for Linux Version 13.1:

  • Disabled use of SSLv3. To prevent a new attack, such as POODLE, against the SSLv3 protocol, this version of Receiver for Linux disables its use. See
    Important: You must ensure that TLS 1.0, 1.1, or 1.2 is enabled.

Known issues in Version 13.1

Proxy support for the selfservice and storebrowse commands is not available by default. To use a proxy server with a StoreFront server, set the http_proxy environment variable before starting either command. Use the following format for the environment variable:



If Receiver for Linux gives a segmentation fault when accessing smart cards, this may be due to a problem with the PKCS#11 library. You can check the library with the pkcs11-tool utility. The pkcs11-tool utility is part of the opensc package. An example test is:
pkcs11-tool --module /usr/lib/ -I
If this also gives a segmentation fault, you should contact the supplier of the driver. You could also try a driver from another source for the same type of card. This problem has been seen with the Gemalto .NET driver included in Fedora 19 and Fedora 20. [#493172]

Receiver for Linux supports multiple card readers; however only one smart card can be used at a time. [#494524]

The host name of the Linux machine should be 20 characters or less for connections to work. This setting can be examined and set by using the hostname command. Any user can examine the hostname, but to set the hostname, you need to be the root user or have administrator privileges. [#494740]

When working with XenDesktop in full screen mode in Receiver for Linux 13.x, the local screensaver may not activate. This is a third-party issue, and the behavior may vary depending on the client operating system. [#496398]

Receiver for Linux does not allow connection to a non-secure StoreFront store (http://). Depending on the configuration of the store, the user will either receive an error message of the form, "Error: Cannot retrieve discovery document" [], or the initial connection will be made over http, but further communications will switch to https. Alternatively, if you use the IP address for the hostname you may see errors referring to Citrix XenApp Services (formerly PNAgent). Either explicitly use https:// or do not prefix the server name with http:// when entering the URL. [#473027, #478667 and #492402]

Receiver for Linux does not support logging on with a smart card that contains multiple authentication certificates. [#488614]

On some low performance devices in a full screen session, the logon process with smart card authentication may take longer than expected and a timeout occurs. You may be able to prevent this issue by disabling use of H264. To disable the use of H624, do the following:
  1. Open the wfclient.ini file.
  2. Locate the "Thinwire3.0" section.
  3. Add the entry "H264Enabled=False".
This issue has been seen on a machine based on armhf (ARM hard float), without hardware accelerated H264. [#497720]

If a PNAgent server allows the user to change expired passwords by contacting the Domain controller directly, you can only do this with the MIT compatible version of the library, This is due to issues with the Heimdal compatible version. This restriction applies to x86, armel and x64 (which uses the x86 pnabrowse). It does not apply to armhf. [#498037]

An error appears if a user opens the self-service UI to connect to the StoreFront store, and then closes the Receiver for Linux window when the Authentication Manager dialog box is open. [#430193]

If you insert the wrong smart card when trying to connect to a StoreFront store, you may see an error message such as "protocol error" or "Specified store not found", which does not explain the issue [#496904].

Receiver for Linux requires, however this is not normally available in the standard repositories for Fedora-based systems. In this case, please find a suitable RPM for your system on the Internet. For openSUSE, is available, however it must be installed separately. [#501937]

You cannot disconnect or log off virtual desktops from Connection Center. The Disconnect button is unavailable and the Log off button does not work. To work around this issue, disconnect or log off from the desktop session, not Connection Center. This issue is not observed with virtual applications. [#423651, #424847]

A hotfix for 12.1 added a pnabrowse exit code E_SSLSDK_PASSWORD_LOCKED with the value 220. This changed the exit code E_PASSWORD_EXPIRED to 239 from its documented value of 238. In 13.0, the value for E_SSLSDK_PASSWORD_LOCKED was changed to 240, restoring the correct value of E_PASSWORD_EXPIRED. However, the values listed by pnabrowse -errno still show the uncorrected meanings for values 220 to 240. [#502550]