Disabling Triple DES on the VDA breaks the VDA SSL connection

Disabling Triple DES on the VDA breaks the VDA SSL connection

book

Article ID: CTX226049

calendar_today

Updated On:

Description

  • If you disable triple DES on the VDA with SSL enabled.
  • The Application Launch and Desktop Launch will fail with SSL error.

Resolution

 

  • Run the below command to configure the SSL Cipher Suite on the VDA to ensure the ICA connection to VDA does not use Triple DES
  • Enable-VdaSSL.ps1 – Enable –SSLPort 443 –SSLMinVersion “TLS_1.2” –SSLCipherSuite “COM”

Problem Cause

  • The SSL Cipher Suite on the VDA was configured to "ALL" which enables the Triple DES when configuring VDA for SSL during the ICA Launch

Additional Information

http://docs.citrix.com/en-us/xenapp-and-xendesktop/7-6/xad-security-article/xad-ssl.html
Powered by Wolken Software