Citrix Licensing - Cannot connect to the license server with error id "XDDS:796F2703"


Article ID: CTX693273


Description

Citrix Studio cannot connect to the License Server 11.17.2 build 51000.

It reports "certificate is not trusted or valid" with Error Id: XDDS:796F2703

 

Resolution

Upgrade the DDC to 1912 CU7 or later, or to 2203 CU3 or later; these releases contain the fix.
Alternatively, upgrade only LicensingAdmin_PowerShellSnapin_x64.msi on the DDC, using the copy bundled with 1912 CU7 or later or 2203 CU3 or later.

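The following workaround is recommended only for use during the environment upgrade. Compared with the upgraded configuration shown under Problem Cause, it no longer disables TLSv1.1 and it swaps the explicit ECDHE cipher list for a broader cipher string.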

  • Back up and edit the file:

C:\Program Files (x86)\Citrix\Licensing\WebServicesForLicensing\Apache\conf\extra\httpd-ssl.conf

  • Replace the "SSLEngine on" section with the following lines:

SSLEngine on
#ALL stands for +SSLv2 +SSLv3 +TLSv1 +TLSv1.1 +TLSv1.2
SSLProtocol ALL -SSLv2 -SSLv3 -TLSv1
SSLCipherSuite ALL:!MEDIUM:!LOW:!aNULL:!eNULL:!RC4:!EXP:!CAMELLIA:!DH:!3DES
SSLCipherSuite TLSv1.3 TLS_AES_256_GCM_SHA384:TLS_AES_128_GCM_SHA256

  • Restart the service "Citrix Web Services for Licensing".

 


Problem Cause

After the License Server is upgraded to the latest 11.17.2 build 51000, its allowed protocols and cipher suites (httpd-ssl.conf) change to the following:
SSLProtocol ALL -TLSv1.1 -TLSv1 -SSLv2 -SSLv3
SSLCipherSuite ALL:+HIGH:!ADH:!EXP:!SSLv2:!SSLv3:!MEDIUM:!LOW:!NULL:!aNULL
SSLCipherSuite ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256 

The licensing PowerShell snap-in in DDC 1912 CU6 and below and 2203 CU2 and below offers only these cipher suites: "RSA+AES256-SHA:RSA+AES128-SHA:RSA+RC4-SHA:RSA+DES-CBC3-SHA:ECDH-RSA-AES256-GCM-SHA384:ECDH-RSA-AES256-SHA384". None of them appears in the License Server's list above, so the TLS connection to the License Server fails to be set up.
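
The mismatch described under Problem Cause, and a check for a workaround left in place after the upgrade, as an added example (not Citrix code): it parses httpd-ssl.conf text, reports legacy protocols that are still enabled, and lists the suites shared with the old snap-in. The function names are hypothetical, both sample configurations are copied from this article, and treating ALL as including TLSv1.3 is an assumption.

```python
# ALL follows the comment in the article's workaround; TLSv1.3 in it is an assumption.
ALL = ["SSLv2", "SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3"]
# Cipher string the article quotes for the old licensing snap-in.
OLD_SNAPIN_OFFER = ("RSA+AES256-SHA:RSA+AES128-SHA:RSA+RC4-SHA:RSA+DES-CBC3-SHA:"
                    "ECDH-RSA-AES256-GCM-SHA384:ECDH-RSA-AES256-SHA384")
# Both samples are copied from the article (Problem Cause and Resolution).
UPGRADED = """SSLProtocol ALL -TLSv1.1 -TLSv1 -SSLv2 -SSLv3
SSLCipherSuite ALL:+HIGH:!ADH:!EXP:!SSLv2:!SSLv3:!MEDIUM:!LOW:!NULL:!aNULL
SSLCipherSuite ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256"""
WORKAROUND = """SSLEngine on
#ALL stands for +SSLv2 +SSLv3 +TLSv1 +TLSv1.1 +TLSv1.2
SSLProtocol ALL -SSLv2 -SSLv3 -TLSv1
SSLCipherSuite ALL:!MEDIUM:!LOW:!aNULL:!eNULL:!RC4:!EXP:!CAMELLIA:!DH:!3DES
SSLCipherSuite TLSv1.3 TLS_AES_256_GCM_SHA384:TLS_AES_128_GCM_SHA256"""

def parse_ssl_conf(text):
    """Return (enabled protocol set, effective cipher string for TLS 1.2 and below)."""
    protocols, ciphers = set(), None
    for raw in text.splitlines():
        words = raw.split()
        if len(words) < 2 or words[0].startswith("#"):
            continue
        name, args = words[0].lower(), words[1:]
        if name == "sslprotocol":
            protocols = set()  # a later directive replaces an earlier one
            for tok in args:
                sign, proto = (tok[0], tok[1:]) if tok[0] in "+-" else ("", tok)
                group = set(ALL) if proto.upper() == "ALL" else {proto}
                if sign == "-":
                    protocols -= group
                else:  # "+" adds to the set, a bare name replaces it
                    protocols = (protocols | group) if sign else group
        elif name == "sslciphersuite" and args[0].lower() != "tlsv1.3":
            ciphers = args[-1]  # the last TLS <= 1.2 list is the one that takes effect
    return protocols, ciphers

def shared_suites(server_ciphers, client_offer=OLD_SNAPIN_OFFER):
    """Suites both sides accept, or None when the server string needs OpenSSL to expand."""
    server = (server_ciphers or "ALL").split(":")
    if not all("-" in s and s[0].isalnum() and "+" not in s for s in server):
        return None  # keywords or operators such as ALL or !aNULL, not explicit names
    # In OpenSSL syntax "RSA+AES256-SHA" is RSA AND AES256-SHA, i.e. the suite AES256-SHA.
    offered = [c.split("+")[-1] for c in client_offer.split(":")]
    return [c for c in offered if c in server]

def audit(text):
    protocols, ciphers = parse_ssl_conf(text)
    legacy = sorted(protocols & {"SSLv2", "SSLv3", "TLSv1", "TLSv1.1"})
    return {"legacy_protocols": legacy, "shared_suites": shared_suites(ciphers)}
```

An empty `shared_suites` list for the upgraded configuration is the handshake failure behind XDDS:796F2703; a non-empty `legacy_protocols` list after the DDC upgrade indicates the workaround is still in the file.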