Hi List We have NFuse 1.71 / CSG 1.1 in DMZ with Certificates from Globalsign. All secured over 443. STA in Cooperate Network. From outside company network (internet) access via ICA-full and webclient works perfect. Here the 2 problems we still have: 1. From inside the coorperate Network (the client has to traverse Proxy, Firewall, Router) it is not possible to open Metaframe apps. SSL error 40 ! First of all I thought this doesn't matter for our network, because I also have an internal NFUSE Server for access within the VPN. But know we want to access our Metaframe server through our NFUSE in DMZ from other companies cooperate networks (or Intranet or whatever the common name is) using their Internet access way.(ASP) The NFuse "client side firewall" settings are set to "use proxy settings from Browser". No my question: I think all that is need to be open on the client side firewall is Port 80 and port 443. Am I right ? The first test we made from another companies network brought ssl error 40. Any ideas ? Anyone made same experience from other companies network with such an ASP like environment ? 2. As already said above, from outside company network (internet) access via ICA-full and webclient works perfect. The Java Client doesn't work. It start and then brings an error sounds like, that Translated from German: The security certificate of the server is not trustworthy. To allow access to this server, you have to install the certificate "GlobalSign Root CA" Details shows: SslCertificateNotTrustedException. Issuer "GlobalSign Root CA" at com/citrix/sdk/security/exceptions/SslException.convert at com/citrix/sdk/security/ssl/SslOutputStream.write at com/citrix/sdk/security/socks/authentication/DefaultAuthenticator.beginSocks 5Handshake at com/citrix/sdk/security/socks/a/b.a at com/citrix/sdk/security/socks/a/b.b at com/citrix/sdk/security/socks/a/b.<init> at com/citrix/sdk/security/Socks5SocketFactory.createSocket at com/citrix/sdk/security/SocketFactory.createSocks5Socket at com/citrix/sdk/security/SocketFactory.createMultiplexedSslSocket at java/lang/reflect/Method.invoke at com/citrix/client/io/net/ip/x.b at com/citrix/client/io/net/ip/x.c at com/citrix/client/io/net/ip/x.a at com/citrix/client/io/net/ip/x.connect at com/citrix/client/io/net/ip/v.<init> at com/citrix/client/io/net/ip/v.<init> at com/citrix/client/module/td/tcp/TCPTransportDriver.q at com/citrix/client/module/td/TransportDriver.run I have already opened a call at citrix, but we already seem to have checked everything. - Root and server Certs are installed on both CSG and NFUSE and remember, it works perfectly with local ica-clients. That is realy crazy ! Is their perhaps a known issue with certificates from Globalsign ? I am wishufully waiting on some genious ideas !!! Ciao, Daniel dschoppmann@xxxxxx http://www.schoppmann.com/ Meeräckerstr. 24 68163 Mannheim home: 0621/8191407 mobil:0172/6395617 *********************************************** This Weeks Sponsor: WM Software WMS Messenger for TSE Affordable Instant Messaging for Terminal Servers http://www.wmsoftware.com/wmsm/ ************************************************ For Archives, to Unsubscribe, Subscribe or set Digest or Vacation mode use the below link. http://thethin.net/citrixlist.cfm