Doing what all IT Professionals do best, I googled it. Unfortunately, the majority of the results referred to different scenarios, mostly under older versions of the Citrix client (The dreaded ICA!).
After a very long afternoon of back and forth with one of the affected users, I was able to get things working by taking these steps:
1. On a PC, browse to the problem Citrix website with Internet Explorer
2. Open Tools >> Internet Options >> Content >> Certificates >> Intermediate Certification Authorities
3. Find the name of the cert in the error message (Above) and click on it and click Export
4. Click Next >> Select DER encoded Binary X.509 (.CER) >> Next
5. Save as the same name as the original error message. (e.g. COMODO SSL CA) and Finish the wizard
6. Rename the saved file extension to crt and transfer this file to the Mac
7. On the Mac, open Applications/Citrix ICA Client and create a folder called keystore
8. Open the keystore folder and create a subfolder called cacerts
9. Copy the crt file you created into this folder
10. Open Keychain and click logon from the left pane
11. Choose File>>Import items
12. Browse to the crt file and import. Set all permissions to trusted for the certificate
13. Close browser completely and re-open, browse to problem page and open an application, it should now load successfully
That's right, you use a PC to fix the Mac. Good Times...
