ICA session disconnects at logon with html5 workspace access.
Meanwhile, Citrix workspace app or  Receiver web don't see such issue

Disable Secure ICA feature on the malfunctioning delivery groups.

---

Problem Cause

Secure ICA has been enabled on the delivery group which has broken the HTML5 connections.
Secure ICA encrypts the logon data with an RC5 non-FIPS-compliant algorithm, making it unreadable because the entire data stream was already encrypted.

• Citrix XenApp 7.15 LTSR
• Citrix XenDesktop 7.15 LTSR
• NetScaler Gateway MPX FIPS edition hardware appliance 12.0
• StoreFront 3.12
• Citrix Receiver for Windows 4.9

When using these products with the TLS connections enabled, the cryptographic modules that are used are FIPS 140-2-validated. Citrix XenApp and XenDesktop, StoreFront and Receiver, use cryptographic modules provided by the Microsoft Windows operating system. NetScaler uses the FIPS 140-2-validated Cavium cryptographic module.

https://www.citrix.com/content/dam/citrix/en_us/documents/about/citrix-xenapp-and-xendesktop-715ltsr-fips-140-2-sample-deployments.pdf