I recently encountered an issue on an iPad where the Citrix Receiver was able to connect to a XenApp farm and enumerate applications but was not able to launch them. Attempting to launch resulted in the black screen and spinning wheel, which eventually timed out and returned to the application list. The environment consisted of Citrix XenApp 5 for Windows 2003, Citrix Receiver for iPad 4.2.3, Citrix Web Interface 5.4, Citrix Secure Gateway 3.2.1.
I contacted Citrix support and learned that the Receiver does not currently support Subject Alternative Name (SAN) certificates (a.k.a. Unified Communications or UC certificates) unless the principal name (the “Issued to” name) is the first entry in the subject alternative name list. Since the first entry in the subject alternative name list IS the principal name, this is another way of saying that subject alternative names are not currently supported.
In the example below, example.domain.com is the principal name.
It’s also the first entry in the subject alternative name list, so if I want to use it when connecting with the Receiver I’ll be in good shape.
However, if I connect to another entry that’s lower in the subject alternative name list, mobile.domain.com for example, it will fail.
Hopefully Citrix will resolve this issue in a future release. In the meantime I hope you find this information helpful.