Background

As most of the things around us constantly gets updates and improvements, the enhancements regarding flaws in vulnerabilities of security are for most people the most critical. Since cryptographic protocols like TLS 1.0 has been used since 1999, with an update to TLS 1.1 in 2006, these protocols have been vulnerable to attacks like POODLE and BEAST. The best way to prevent similar attacks from happening again is to have people to stop using the outdated protocols and having them to be forced to use the more enhanced 1.2 version.

Last year, some of the largest IT-companies in the world (Microsoft, Google, Apple & Mozilla) announced that TLS 1.0 and TLS 1.1 protocols will be deprecated from their respective web browser in 2020. After this, other companies adapted and cleverly joined the train.

As of the 15th of Mars, 2019, Citrix will no longer support communication over TLS 1.0 and 1.1 to Citrix Cloud Services.

Which cases will be affected?

The standard way of TLS negotiation is to have the latest version be the first negotiator, and if that one fails go to the next one, and so on. This means that if you are running an old version of Receiver that only supports TLS 1.0 / 1.1, you will not be able to connect to Citrix Cloud with an old Receiver. On-prem StoreFront implementations that still support TLS 1.0 / 1.1 will be unaffected by the change.

How will this affect you?

Listed below is the minimum required version of Citrix Receiver. If you have an earlier version, you will be prohibited trying to connect.

Receiver Version
Windows 4.2.1000
Mac 12.0
Linux 13.2
Android 3.7
iOS 7.0

 

What can you do to prevent this?

As of last May, at Synergy, Citrix announced that the Receiver would join the Workspace family. So don’t go looking for any version of Citrix Receiver, go look for the latest version of Citrix Workspace, which can be downloaded here. All the Workspace applications has been stripped from the TLS 1.0 and 1.1 protocol.

The full statement from Citrix can be found in this link