Product Documentation

Citrix Receiver for Linux 13.5 Known Issues

Mar 09, 2017

Known issues in Citrix Receiver for Linux 13.5

The following known issues have been observed in this release:

  • The StoreFront URL fails to be added if Citrix Receiver for Linux is installed in a custom localized path that contains one or more 4-byte characters. 

  • With HDX MediaStream Windows media redirection with GStreamer1.0 enabled, OpenGL can cause unexpected pop-up windows to appear on some platforms.

  • With HDX MediaStream Windows media redirection with GStreamer1.4 or later enabled, in Fetch mode on the server side, some multimedia files (type MPG1, MPEG2, and H264) fail to play back.

  • On a device with CPU frequency scaling such as the Raspberry Pi, if you are experiencing stutters in audio or general performance issues, Citrix recommends that you set the scaling governor to performance mode. To see your current performance governor for each core, run the following command, where <c> is the core"

    cat /sys/devices/system/cpu/cpu<c>/cpufreq/scaling_governor

    By default, this setting is an on-demand setting, and not always dynamic enough to provide the real-time performance you need.
    To set the scaling governor to performance mode, run the following command as root:

    echo performance > /sys/devices/system/cpu/cpu<c>/cpufreq/scaling_governor

    Repeat this command for each core <c>.

  • The hardware-accelerated H264 decoder plug-in for the HDX Ready Pi does not operate correctly if you change the frame buffer resolution with the framebuffer_width and framebuffer_height parameters in the /boot/config.txt file. As a workaround, change the Pi’s resolution with the hdmi_group and hdmi_mode parameters.


Known issues in Citrix Receiver for Linux 13.4

The following known issues have been observed in this release:

  • Cannot reduce a fullscreen session to windowed mode using the Desktop Viewer toolbar when using the ‘-span o’ argument to override the session window redirect.

    To resolve this issue, do not use the ‘-span o’ option. Use a window manager with _NET_WM_FULLSCREEN_MONITORS support or disable Desktop Viewer instead.

  • The secondary session might not pop up when clicking its name under the Switch button on Desktop Viewer.


  • Receiver for Linux becomes unresponsive indefinitely when switching from X1 UI to Classic UI.

    If the self-service UI displays the error "NoWebUI 0," restart the self-service process to revert the self-service UI to normal.

  • Flash Redirection uses the wrong location with multi-monitor clients.

    When using Flash Redirection on a client with multiple monitors, Flash content can appear on the wrong monitor or off the screen. This can be avoided by ensuring the session is running on all available monitors before attempting to use the Flash Redirection feature.

  • Updating to this release can produce errors due to options dropped from All_Regions.ini.


  • HDX Webcam redirection is disabled for 45 seconds at startup.

    To avoid this, add an entry to the [wfclient] section of ~/.ICAClient/wfclient.ini (or $ICAROOT/config/module.ini) HDXRTMEWebCamLaunchDelayTime=0.

    If you intend to use the RTME plug-in instead of HDX webcam redirection, do not change this value.

Known issues in Citrix Receiver for Linux 13.3

The following known issues have been observed in this release:

  • Citrix Receiver does not recognize the PIV smartcard when starting a desktop for the first time.


  • Unclear error messages are displayed when Citrix Receiver cannot find the server immediately after it restarts.


  • An incorrect message dialog is displayed when the session reliability timer expires.


  • An error message (for example, "Unknown Error 1000047") is displayed when connecting to the VDA with the SSLv3 protocol enabled.


  • A generic network error is displayed when connecting to a StoreFront server with the SSLv3 protocol enabled.


  • Changing SharedUserMode using storebrowse, -c SharedUserMode[=value], requires exact case matching using the value parameter. When using the value parameter for storebrowse, -c SharedUserMode[=value], you must specify an exact case match using "True" or "False." No error message is displayed if an invalid value parameter is used. For example, -c SharedUserMode=True.


  • When connecting to a terminal server (for example, RDS) with only the SSLv3 protocol enabled the connection fails as expected but it might not fail with a SSL peer handshake failure.


  • Generic USB webcam input fails on 64-bit systems.


  • The storebrowse –d command does not delete previously cleared cached store information created by self-service. This means that if the store is subsequently added the self-service UI loads from the previous cached state.


  • New TLS values are not applied for connections to the StoreFront server using selfservice/storebrowse when TLS values are changed after the EULA (license) has been accepted. Note that a running AuthManager does not read a changed TLS setting.


  • Connection Center doesn't support IPv6.


  • When specifying a negative value to an integer config entry such as TCPRecvBufferSize in $HOME/.ICAClient/All_Regions.ini, the value is erroneously passed to WFICA as a positive value. To resolve this issue, use $ICAROOT/config/module.ini to set a negative value for TCPRecvBufferSize.


  • GStreamer helper processes display a warning related to a GLIB threading issue.


  • The ARMEL browser plug-in does not work at this release.


  • If you experience problems with time zones not correctly mapping with XenApp/XenDesktop 7.6 sessions, ensure that you have the hotfix referenced in CTX142640, and follow the steps for entry 7 [From ICATS760WX64014]. If that does not resolve the issue, try changing /etc/timezone (or /etc/localtime if /etc/timezone is not present) to be a symlink to a city name under /usr/share/zoneinfo/...

    If your time zone is still not supported, you might need to raise a support ticket to have a mapping added to the server.

    [#LC1061, #606648]
  • In the Platform Optimization SDK, the plug-ins for non-X11 environments possess two issues:

    • Sessions to Windows servers for XenDesktop 7.x fail if session reliability is used.
    • Sessions with 16-bit color depth show video corruption.

These issues exist in both the SDL Library-based SDL_plugin and the raw kernel Framebuffer-based FB_plugin sample plug-in implementations. Any further plug-ins developed by the user can expect to suffer these same issues.

Known issues in Citrix Receiver for Linux 13.2.1

The following known issues have been observed in this release:

  • The ARMEL browser plug-in (used for launching sessions from a web browser) fails to launch, preventing the user from launching a session. To resolve this, use the browser settings to disable the plug-in, which allows a fallback mechanism to take over.


  • When running on SLED 11sp3, launching storebrowse or selfservice from a terminal might cause several programs to produce errors saying " no version information available." This issue has little, if any, effect on the behavior of Citrix Receiver.


  • Flash redirection is not available on 64-bit clients. If this capability is important in your environment, contact the Citrix Product Management team or alternately use the support forums for additional guidance.


  • Receiver fails to add favorite applications when selecting Add to Favorites in the Details view. This issue occurs when running SuSE SLED 11sp3 without installing updates. To avoid this issue, ensure that the package libwebkit-1_0-2 is version 1.2.7-0.17.1 (or greater).


  • A third-party issue occurs in the EPEL 2.2.4 version of libwebkitgtk+. Citrix recommends using the EPEL (Extra Packages for Enterprise Linux) repository as a method for getting the GTK+2 version of libwebkitgtk on RedHat 7 and Centos 7. However, an issue with the provided EPEL version occurs when Japanese/Chinese characters are used in the hosted application names on the server. As a result, Receiver cannot ensure a proper method for securing a stable libwebkitgtk build on RedHat 7 and Centos 7 suitable for APAC characters.


  • On some platforms, installing the client from a tarball distribution might cause the system to hang after prompting you to integrate with KDE and GNOME. This issue occurs with the first time initialization of gstreamer-0.10. If you encounter this issue, end the installation process (using ctrl+c) and run the following command: gst-inspect-0.10 -- gst-disable-registry-fork --version. After executing this command, you are able to re-run the tarball setup without experiencing a system hang.


  • In some Gnome desktop environments, a client might experience a crash when starting the Microsoft Remote Desktop app (Mstsc). This issue occurs after connecting to a remote desktop. After inserting login credentials, the session cannot be closed gracefully by clicking the 'X' symbol (an error indicating that "A problem has occurred and the system can't recover.")


  • Windows media player displays an error message stating "Windows Media Player encountered a problem while playing the file"; this error condition can be dismissed by closing the error message, then clicking the Play icon.


  • Windows Media Player on a Windows 7 desktop might fail to play audio/video when started from a 64-bit Receiver. This issue occurs due to a known issue with Ubuntu 14.04; expected GStreamer components are not being installed. See the section "Windows Media Player fails to play files in certain formats" in the Troubleshooting topic.


  • Windows Media Player fails to play files in certain formats.

Known issues in Citrix Receiver for Linux 13.2

The following known issues have been observed in this release:

  • A new script was added that creates client-server file type associations. This script, ctx_app_bind, allows you to use a published application to open a specific file type. This script accepts either the name of the published app, either an example file or a MIME type, and optionally allows you to include a server name or URL.
    For example:

    ctx_app_bind example_file published_app_name server
    ctx_app_bind application/some-mime-name published_app_name

    Use the –p option to use pnabrowse rather than storebrowse for the session launch.

    Note: Citrix recommends using care when executing this script. It has not been tested against all possible OS environments.

  • If a user is unable to connect to the store, you can enable connection logs on Receiver to troubleshoot the nature of the problem. To enable the collection of connection logs in Receiver:

1. Edit the /opt/citrix/ICAClient/config/AuthManConfig.xml with the following parameters as a user with administrator privileges:

<!-- TracingEnabled - true, false -->

<!-- LoggingMode - none, normal, verbose -->

2. Halt the following processes: AuthManagerDaemon, selfservice, ServiceRecord, storebrowse.

3. Start Receiver and connect to the store.

4. Check the logs under $HOME/.ICAClient/logs.

HDX RealTime Webcam Video Compression requires:

- A Video4Linux compatible Webcam

- GStreamer 0.10.25 (or a later 0.10.x version), including the distribution's "plugins-good" package


  • When using Linux Receiver X1 to remove an app, the app persists and when logging out and returning to the store.


Known issues in Citrix Receiver for Linux 13.1

The following known issues have been observed in this release:

  • You cannot disconnect or log off virtual desktops from Connection Center. The Disconnect button is unavailable and the Log off button does not work. To work around this issue, disconnect or log off from the desktop session, not Connection Center. This issue is not observed with virtual applications.

    [#423651, #424847]

  • An error appears if a user opens the self-service UI to connect to the StoreFront store, and then closes the Receiver for Linux window when the Authentication Manager dialog box is open.


  • Receiver for Linux does not allow connection to a non-secure StoreFront store (http://). Depending on the configuration of the store, the user will either receive an error message of the form, "Error: Cannot retrieve discovery document" [], or the initial connection will be made over HTTP, but further communications will switch to https. Alternatively, if you use the IP address for the hostname you might see errors referring to Citrix XenApp Services (formerly PNAgent). Either explicitly use https:// or do not prefix the server name with http:// when entering the URL.

    [#473027, #478667 and #492402]

  • Receiver for Linux does not support logging on with a smart card that contains multiple authentication certificates.


  • If Receiver for Linux gives a segmentation fault when accessing smart cards, this might be due to a problem with the PKCS#11 library. You can check the library with the pkcs11-tool utility. The pkcs11-tool utility is part of the opensc package. An example test is:

    pkcs11-tool --module /usr/lib/ -

    If this also gives a segmentation fault, you must contact the supplier of the driver. You can also try a driver from another source for the same type of card. This problem has been seen with the Gemalto .NET driver included in Fedora 19 and Fedora 20.

  • Receiver for Linux supports multiple card readers; however only one smart card can be used at a time.


  • The host name of the Linux machine must be 20 characters or less for connections to work. This setting can be examined and set by using the hostname command. Any user can examine the hostname, but to set the hostname, you need to be the root user or have administrator privileges.


  • When working with XenDesktop in full screen mode in Receiver for Linux 13.x, the local screensaver might not activate. This is a third-party issue, and the behavior might vary depending on the client operating system.


  • If you insert the wrong smart card when trying to connect to a StoreFront store, you might see an error message such as "protocol error" or "Specified store not found," which does not explain the issue.


  • On some low-performance devices in a full screen session, the logon process with smart card authentication might take longer than expected and a timeout occurs. You might be able to prevent this issue by disabling use of H264. To disable the use of H624, do the following:
    1. Open the wfclient.ini file.
    2. Locate the "Thinwire3.0" section.
    3. Add the entry "H264Enabled=False".

This issue has been seen on a machine based on armhf (ARM hard float), without hardware accelerated H264.


  • If a PNAgent server allows the user to change expired passwords by contacting the Domain controller directly, you can only do this with the MIT compatible version of the library, This is due to issues with the Heimdal compatible version. This restriction applies to x86, armel and x64 (which uses the x86 pnabrowse). It does not apply to armhf.


  • Receiver for Linux requires, however this is not normally available in the standard repositories for Fedora-based systems. In this case, please find a suitable RPM for your system on the internet. For openSUSE, is available, however it must be installed separately.


  • A hotfix for 12.1 added a pnabrowse exit code E_SSLSDK_PASSWORD_LOCKED with the value 220. This changed the exit code E_PASSWORD_EXPIRED to 239 from its documented value of 238. In 13.0, the value for E_SSLSDK_PASSWORD_LOCKED was changed to 240, restoring the correct value of E_PASSWORD_EXPIRED. However, the values listed by pnabrowse -errno still show the uncorrected meanings for values 220 to 240.


Known issues in Citrix Receiver for Linux 13

The following known issues have been observed in this release:

Installation issues

  • libxerces-c 3.1 is a required component for this release. However, it is not available in some Linux distributions that use RPM packaging. If this component is missing in your distribution, locate it on a suitable website and add it to your Linux system installation.


  • For platforms that cannot meet the libxerces or libwebkitgtk system requirement (or both requirements), you can install Receiver using the tarball package, or force the installation of the Debian or RPM packages, and use the browser-based Receiver for web to start connections. For example, you cannot install the RPM package on CentOS systems because it requires, which is not available in those environments. To work around this issue, install the package with --nodeps or --force, or use the Tarball package instead. Then launch a browser and enter the URL to your Receiver for web store.


  • You can use the RPM package to install Receiver on the 32-bit version of OpenSUSE 13.1, but it fails at runtime. To work around this issue, download and install the following RPM package first, and repeat the installation:


  • After installing Receiver from the 64-bit RPM package in a 64-bit Fedora 19.1 environment, you must perform additional steps before using pnabrowse or the client engine, wfica, to launch connections. (These steps do fix storebrowse and selfservice, which cannot be made to function due to limitations in the version of curl in this environment.) To work around this issue:
  1. Install the 32-bit libpng12 package using the following command:

    yum install libpng12.i686

  2. To minimize the number of audio errors, install the 32-bit ALSA plug-in using the following command:

    yum install alsa-plugins-pulseaudio.i686

  3. To minimize the number of GtK errors, install the following packages using the following commands:

    yum install adwaita-gtk2-theme.i686
    yum install PackageKit-gtk3-module.i686
    yum install libcanberra-gtk2.i686

  4. To allow connections to be started from Firefox, install the plug-in nspluginwrapper.i686 and register it with the web browser using the following commands:

    yum install nspluginwrapper.i686


General issues

  • Resuming audio playback might be noisy. The noise is present only when the audio is paused and then restarted, not when it is first played. This has been observed with XenDesktop connections involving the Remote PC Access feature. There is no workaround for this issue.


  • Some media types only play on the user device if the appropriate codec is available on the server even though GStreamer should be able to connect directly to the source of the media and play it using the decoders on the device. There is no workaround for this issue.


  • On Ubuntu 12.04 with the Gnome 3 desktop, notification area icons for published applications do not integrate with the native desktop. Instead, they appear in a separate notification area window. There is no workaround for this issue.


  • Linux users cannot use their email addresses to set up StoreFront stores. Users should instead add the URL of the required stores using the Accounts page of the Preferences dialog box. You can alternatively provide a provisioning file with account information that is used to create a new account.


  • Proxy support for the selfservice and storebrowse commands is not available by default. To use a proxy server with a StoreFront server, set the http_proxy environment variable before starting either command. Use the following format for the environment variable:



  • Client-to-server content redirection (dropping published content on to a desktop icon) does not work with the self-service user interface. There is no workaround for this issue.

  • The Security-Enhanced Linux (SELinux) security module in RedHat Fedora can affect the operation of the Client Drive Mapping and USB Redirection features (on both XenApp and XenDesktop). If you require either or both of these features, disable SELinux before configuring them on the server.


  • The HDX MediaStream Flash Redirection feature has not been tested on the ARM hard float (armhf) platform because, in this release, Receiver does not work with Flash plug-ins on that platform.


  • If you configure a webcam frame rate that is not supported by the webcam, it defaults to a different value, which might be higher than expected.


  • If, in Receiver, you set a non-default resolution for a webcam, it does not stream video the first time you use it with Citrix GoToMeeting. The webcam appears to be active and gst_read is running, but no image is displayed. To work around this issue, stop and restart the webcam in GoToMeeting.


  • If window decorations are not present in the desktop environment (for example, in the LXDE environment with decorations disabled), you might not be able to close self-service dialog boxes.


  • With some versions of XenApp or XenDesktop, after starting a desktop or application, you cannot check the server name used for a connection because no server is listed in Connection Center. To work around this issue, click Properties. The server name is displayed in the Properties dialog.


  • If, while logging on to Receiver, you enter your credentials after a delay of about five minutes, the self-service user interface (UI) does not display your applications. To work around this issue, select Refresh Apps from the drop-down menu in the UI and re-enter your credentials.

  • An administrator who shadows a user's session might notice display errors if their screen is smaller than that of the user device. For example, scrollbars might not fit on to the administrator's screen, and regions of the user's screen might be inaccessible. There is no workaround for this issue. In addition, resizing the shadowed session from the administrator's machine can black out the session on the user device. To work around this issue, click the Restore button in the session window on the administrator's machine (not the user device).

    [#418672, #418690]

  • The self-service user interface and associated StoreFront components (Authentication Manager and the Service Record daemon) are not supported on Fedora because of library incompatibilities. Receiver installs without errors but does not work after installation. To work around this issue, start Receiver through web Interface (a legacy component) or web Receiver.


  • When many applications or desktops are subscribed to, the self-service user interface (UI) includes a scrollbar. This disappears (as expected) when the UI is resized to show all the application and desktop icons. However, the scrollbar is not redisplayed when the UI is then reduced in size. This issue has been observed only on Ubuntu 13.04. To work around it, click the Refresh menu option, repeat the resizing operation a few times, or stop and restart Receiver.

  • The first time a connection is made, you might notice a delay that varies significantly depending on the network. A connection using 3G will likely be slower than a connection using ADSL.


  • When you enter an HTTPS store address in the self-service user interface (UI), the following error message is displayed if no certificate is present: "Your account cannot be added using this server address. Ensure you enter it correctly." This error is displayed if the address is correct but no certificate is present. To work around this issue, install a certificate.

    [#423757, #424674]

  • You can apply a XenDesktop policy to raise the maximum frame rate in Receiver sessions above 30 frames per second (FPS). However, this value is not honored and the frame rate in the sessions never exceeds this value because it is limited by the flow control feature. This issue has been observed in XenDesktop 7 and 7.1. To work around this issue, disable flow control.


  • To switch accounts (and access desktops and applications from a different store), you use the Accounts menu in the self-service user interface. This might not be obvious to users.


  • If you use storebrowse in multiple locales that are not encoded as UTF-8, some of the text in the logon dialog box might be corrupt. For example, in a Spanish locale there is no text on the Log on button. To work around this issue, switch to a UTF-8 locale (for example, by creating a wrapper script around storebrowse, and the Service Record and Authentication Manager daemon executables).


  • You cannot disconnect or log off virtual desktops from Connection Center. The Disconnect button is unavailable and the Log off button does not work. To work around this issue, disconnect or log off from the desktop session, not Connection Center. This issue is not observed with virtual applications.


  • When storebrowse is used to start a session to a virtual desktop in a group in which all desktops are turned off, an exit status value of 255 EXEC_FAILED is displayed (sometimes after a delay), indicating that the start has failed. However, instead of failing, the desktop is in fact starting or registering and will be available soon. To work around this issue, advise users who encounter it to try starting the desktop again, or ensure any startup script does likewise.

    [#425076, #425103]
  • In the Japanese and Simplified Chinese versions of Receiver, keyboard shortcuts do not work in some dialog boxes.

    [#425275, #425278, #425281, #425332]

  • In the German, French, and Spanish versions of Receiver running on the Ubuntu platform, keyboard shortcuts are not visible in some dialog boxes but they are functional.

    [#425282, #425285, #425289, #425294, #425339]

  • In the German version of Receiver, duplicate keyboard shortcuts are present in some dialog boxes.

    [#425284, #425338]

  • The openssl tool c_rehash is used to import and hash root certificates that are used to secure communications with StoreFront. Some versions of c_rehash do not correctly handle certificates that contain MS-DOS-style line endings. If the output from c_rehash does not generate symbolic links for your certificate, you might need to convert the line endings to UNIX format. You can do this using the following tr command line:

    tr -d '\r' < root_certificate_name.pem > new_root_certificate_name.pem

    Then, run the c_rehash script against the new root certificate created from this command.

  • On Debian platforms, the ctxusbd daemon does not restart when the system restarts, causing USB redirection to fail. This is because the init script, /etc/init.d/ctxusbd, contains a variable, ###INIT_UDEV###, which must expand to udev. To work around this issue, edit /etc/init.d/ctxusbd as follows. You must have root permissions to do so:

    sed -ie's,###INIT_UDEV###,udev,g' /etc/init.d/ctxusbd

    Then, manually rerun insserv (again, with root permissions):

    /sbin/insserv /etc/init.d/ctxusbd

    This issue has only been observed on Debian platforms.

  • When connecting to Program Neighborhood Agent sites, absent or expired certificates might cause the Receiver user interface to flash, prompt the user repeatedly for credentials, or consume high CPU. To work around this issue, Citrix recommends installing your certificates properly and maintaining them regularly. The issue is not observed when connecting to StoreFront sites.


  • Icons in the self-service user interface might not be displayed when new users search for applications or desktops. To work around this issue, click Refresh Apps.


  • When using pnabrowse to connect to an HTTPS-secured Program Neighborhood Agent site on some Microsoft Server 2012 servers in armhf (hard float) environments, a generic error message is displayed and the connection fails. This issue is not fully defined but might be because the servers have a FQDN ending in .local, or because the key size specified in the Public Key field of the certificate on the servers is 2,048 Bits not 1,024 Bits. This issue does not occur with storebrowse and has only been observed in armhf environments.


  • If you log off from Receiver (by clicking Log Off in the self-service user interface) but then try to connect to a desktop or application, and cancel when prompted for your credentials, the message "Cannot process request" is displayed. You can ignore the message. You were successfully logged off.


  • A segmentation fault occurs, and Receiver fails, when you use the self-service user interface for the first time to connect to a Program Neighborhood Agent site, click Cancel in the logon dialog box, click Refresh Apps, and close the Receiver window. There is no workaround for this issue.


  • Multiple processes that call data store or load procedures at the same time can lead to data loss in files that are in memory (for example, StoreCache.xml). The last change to a given file is preserved; earlier changes are lost. There is no danger of file corruption.


  • If you remove and then add a store, the Accounts page of the Preferences dialog box does not show the new store until you close and reopen the dialog box.


  • With the Reconnect apps and desktops preference set to When I start or refresh apps and with a connection to a desktop or application in progress, selecting Refresh Apps from the Receiver menu makes the user interface unresponsive until the connection is established.


  • No error message is displayed when you try to add a store or gateway that is already listed in Receiver. There is no workaround for this issue, but no duplicate entries are created and the existing store or gateway continues to function correctly.


  • Menus in published applications disappear when they are clicked. This has been observed with maximized application windows in GNOME 3 desktop environments on Ubuntu 12.04 but not in Unity environments on Ubuntu 12.04.3.


  • Caution: A limitation in Windows means that the volume level of audio is maximized when a session automatically reconnects after a network outage. There is no workaround for this issue.


  • Receiver preferences only affect new or reconnected sessions, not disconnected ones. For example, you can start Citrix GoToMeeting from a virtual desktop and then disconnect from the desktop session (but not GoToMeeting). You can then select Use my microphone and webcam on the Mic & Webcam page of the Preferences dialog box, but this does not start the webcam in the GoToMeeting session. To work around this issue, close and restart the affected session (in the example, this is the GoToMeeting session).


  • If selfservice is run from a terminal, and the terminal is closed before selfservice is, the standard quit signal is sent to all foreground processes hosted by the terminal. Other Linux Receiver processes such as the Service Record and Authentication Manager daemons do not ignore this signal but selfservice does. This can make selfservice unresponsive because the processes on which it relies are ended. To work around this issue, start the daemons using storebrowse in one window, and then, in a second window, run selfservice. This lets you close the terminal window running selfservice but the daemons continue to operate in the background, and the user interface remains responsive.