macOS 10.15 Catalina was released yesterday. Apple provided a warning (June 2019) about important new security requirements for TLS server certificates in iOS 13 and macOS 10.15. Citrix, which offers enterprise software for Mac and Windows, didn’t get the memo or were just asleep at the wheel. After installing Catalina, I started getting errors about untrusted root certificates.
You have not chosen to trust “GlobalSign Root CA”, the issuer of the server’s security certificate.
I dug around in Keychain Access to try to resolve the issue but could not. A few Google searches later; I found a very long thread (June 2019) on the Citrix forum where users had reported this issue with macOS 10.15 Beta. Citrix appeared to be flippant about users reporting of the problem. A few users were pissed off.
I was a bit panicked. I consult and work remotely for a banking client in New York City. Without the Citrix client, I am unable to connect to their systems to get work done.
I followed the thread until I found a post with a temporary workaround. Crisis averted.
This morning Citrix released an updated Citrix Workspace app 1910 for Mac. Kudos to Citrix for getting this out to customers, but I think they could have done a better job communicating to customers and setting expectations.