When using an SSL certificate that uses an intermediate certificate authority (e.g. Go Daddy), particular trust issues may be seen when using an iPad that are not seen when using a PC web browser.

The error typically seen is:

"Cannot Verify Server Identity
Safari can't verify the identity of cag.domain.com. Would you like to continue anyway?"

The intermediate certificate authority certificate must be added to the access gateway VPX and also added to the server certificate chain.

From the Access Gateway admin logon point (https://cag/lp/adminlogonpoint)

- Select Certificates
- Select Import | Trusted (.pem)
- Browse to the file and click Open
- Select the server certificate (e.g. citrix.domain.com)
- Click the Add to Chain button
- Select the intermediate certificate authority and click Add

Access Gateway 5.0 Administrator's Guide
http://support.citrix.com/servlet/KbServlet/download/27245-102-657614/ag-50-pdf-bk.pdf