Citrix Web Studio displays the activation status: Not Activated.
Example:

CDF trace captured on the Delivery Controller shows an issue with TLS communication.
System.Net.Http.HttpRequestException: An error occurred while sending the request. ---> System.Net.WebException: The request was aborted: Could not create SSL/TLS secure channel.
Network trace shows handshake failure:
Alert (Level: Fatal, Description: Handshake Failure)
Network trace analysis - working (activated) DDC:

Network trace analysis - not working (not activated) DDC:

Old ciphers prioritized using GPO on the affected Delivery Controller.
Review existing GPO - SSL Cipher Suite Order (if configured):
(Computer Configuration\Administrative Templates\Network\SSL Configuration Settings\SSL Cipher Suite Order)
Make sure that any of the supported ciphers are on top of the list.
From Licensing Server documentation:
Policy configuration:


You can also check the list from PowerShell: Get-TlsCipherSuite | Format-Table -Property CipherSuite, Name
The purpose of the article is to provide troubleshooting steps and a solution in a scenario where Delivery Controller Licensing Activation Status is: Not Activated.
Please note that the change can affect other applications or components. Handshake issue might also occur after the change if other servers have an old / different Cipher Suite Order (for example Storefront > DDC communication).
Verify if your deployments have transitioned to License Activation Service (LAS)
License Server Cipher Suite order and requirements
From License Server documentation:
Cipher Suite order and requirements
The following is the full list of supported Cipher Suites: