POODLE SSLV3.0 Security Issue Workaround for License Server
                    
                
                
                    
                        book
                        
Article ID: CTX200265
                        
                    
                    
                        calendar_today
                        
Updated On: 
                    
                 
                
                    
                
                    
                    
                        
                            
Description
                        
                        
                            Citrix Licensing 11.12.1 for Windows might be vulnerable to the Padding Oracle On Downgraded Legacy Encryption (POODLE) vulnerability.  POODLE affects older standards of encryption - Secure Socket Layer (SSL) version 3 but not the newer encryption method Transport Layer Security (TLS). Citrix suggests the following workaround to mitigate a security issue.
Instructions
Configuration changes for the License Administration Console
- Go to the License Server installation location. For example,
 C:\Program Files (x86)\Citrix\Licensing\LS\Conf
- Open Server.xml in any editor and add the following attributes to the webserver element:
	
sslProtocol="-All +TLSv1"
The XML element will look like
<webserver … sslProtocol="-All +TLSv1"> 
- Restart the Citrix Licensing service.
Restart Citrix Licensing Service with Service Manager
- In the Run dialog box, type services.msc and click OK.
 OR
 Go to Control Panel > Administrative Tools > Services.
- Restart the Citrix Licensing service as shown below.
 
Restart Citrix Licensing Service at a command prompt
- At the command prompt, type net stop “Citrix Licensing” and press Enter.
- After the service is stopped type net start “Citrix Licensing” and press Enter.
It will look like this:
 
Configuration changes for the Citrix Web Services for Licensing web server
- Go to the License Server installation location. For example,
 C:\Program Files (x86)\Citrix\Licensing\\WebServicesForLicensing\Apache\Conf\extra
- Open httpd-ssl.conf in any editor and locate this line:
	
SSLProtocol ALL -SSLv2 
- Change the line to:
	
SSLProtocol -ALL +TLSv1 
- Restart the Citrix Web Services for Licensing service.
Restart Citrix Web Services for Licensing with Service Manager
- In the Run dialog box, type services.msc and click OK.
 OR
 Go to Control Panel > Administrative Tools > Services.
- Restart the Citrix Web Services for Licensing service as shown below.
 
Restart Citrix Web Services for Licensing at a command prompt
- At the command prompt, type net stop “CitrixWebServicesForLicensing” and press Enter.
- After the service is stopped type net start “CitrixWebServicesForLicensing” and press Enter.
It will look like this:
 
                         
                     
                    
                    
                    
                    
                    
                        
                            
                                
Issue/Introduction
                            
                            
                                POODLE: SSLv3 vulnerability (CVE-2014-3566)
                            
                         
                        
                    
                    
                    
                
                    
                        
                            Was this article helpful?
                        
                        
                            
                                thumb_up
                                Yes
                            
                            
                                thumb_down
                                No