Sometimes when using Citrix ICAClient on certain Linux distros you will get an error like
You have not chosen to trust "USERTrust RSA Certification Authority", the issuer of the server's security certificate.
You can fix this by copying a certificate you should already have on the system into a location ICAClient will see it. Why Citrix can’t look into all the normal cert paths is beyond me.
ln -s /etc/ssl/certs/USERTrust_RSA_Certification_Authority.pem /opt/Citrix/ICAClient/keystore/cacerts/USERTrust_RSA_Certification_Authority.pem