Query on TLS version used for Authentication on Citrix cloud and Onprem deployment
Article ID: CTX477473
Updated On:
Description
Query on TLS version used for Authentication on Citrix cloud and On-prem deployment
Instructions
Citrix uses industry standard TLS 1.2 with the strongest cipher suites. Customers cannot control the TLS certificate in use, as Citrix Cloud is hosted on the Citrix-owned cloud.com domain.To access Citrix Cloud, customers must use a browser capable of TLS 1.2, and must have accepted cipher suites configured.
Environment
Caution! Using Registry Editor incorrectly can cause serious problems that might require you to reinstall your operating system. Citrix cannot guarantee that problems resulting from the incorrect use of Registry Editor can be solved. Use Registry Editor at your own risk. Be sure to back up the registry before you edit it.
Issue/Introduction
TLS use in Citrix cloud: For data-in-flight, Citrix uses industry standard TLS 1.2 with the strongest cipher suites. Customers cannot control the TLS certificate in use, as Citrix Cloud is hosted on the Citrix-owned cloud.com domain.
To access Citrix Cloud, customers must use a browser capable of TLS 1.2, and must have accepted cipher suites configured.
https://support.citrix.com/article/CTX335879/citrix-cloud-changes-to-cipher-suites-for-cloud-connector
https://docs.citrix.com/en-us/citrix-cloud/overview/secure-deployment-guide-for-the-citrix-cloud-platform.html
TLS use on-prem deployment AD authentication : Depends on organization – we can run a NS trace on gateway to see the TLS version in use during the handshake
https://docs.citrix.com/en-us/tech-zone/build/tech-papers/networking-tls-best-practices.html
https://docs.citrix.com/en-us/citrix-virtual-apps-desktops/secure/tls.html
https://docs.citrix.com/en-us/xenapp-and-xendesktop/7-15-ltsr/secure/tls.html
Additional Information
https://learn.microsoft.com/en-us/windows-server/security/tls/tls-registry-settings?tabs=diffie-hellman
https://support.microsoft.com/en-us/topic/update-to-enable-tls-1-1-and-tls-1-2-as-default-secure-protocols-in-winhttp-in-windows-c4bd73d2-31d7-761e-0178-11268bb10392
https://support.citrix.com/article/CTX335879/citrix-cloud-changes-to-cipher-suites-for-cloud-connector
https://docs.citrix.com/en-us/citrix-cloud/overview/secure-deployment-guide-for-the-citrix-cloud-platform.html
https://support.microsoft.com/en-us/topic/update-to-enable-tls-1-1-and-tls-1-2-as-default-secure-protocols-in-winhttp-in-windows-c4bd73d2-31d7-761e-0178-11268bb10392
https://support.citrix.com/article/CTX335879/citrix-cloud-changes-to-cipher-suites-for-cloud-connector
https://docs.citrix.com/en-us/citrix-cloud/overview/secure-deployment-guide-for-the-citrix-cloud-platform.html
Was this article helpful?
Yes
No
Powered by
