Jump to content
Welcome to our new Citrix community!
  • 0

tls 1.0 between PVS and DB


prasant chettrri

Question

Recently, I was disabling TLS 1.0, 1.1, ssl, 3des security vulnerability. During the process the first thing broke was database and PVS communication and bunch of log with streaming service failure.  First, I enabled TLS 1.1 on PVS that did not fix it and I ended up enabling both TLS 1.0 and 1.1 to get the stream services running and then able to to successfully the target device on hypervisor.

Next I followed the same process on DB server and ended up with same issue and followed same reverse fix of enabling vulnerability to get it working. For now I determine, the communication between DB and PVS uses TLS 1.0 but I have not been able dig down to find way to avoid TLS 1.1 on both server.

I called Citrix support on weekend but support could not figure it out and suggested that I should enable 1.0 as workaround, as the the workaround leads to no production down it is not supported under break/fix support. During the weekdays when I called I was told to disable TLS 1.0 and then call break fix on weekend and weekend support suggested me to keep TLS 1.0 enabled.

Has anyone implement fix for TLS 1.0 between PVS and DB. Does it need upgrade of native SQL agent, or .net?

Once this is fixed I have to test TLS on Netscaler and Xenserver.

Appreciate the help from community...
PC
 

Link to comment

2 answers to this question

Recommended Posts

  • 0

Thanks I will give it a try with SQL native client upgrade. Though this article is related to PVS console failing to launch, in my case I can still launch PVS console but when boot device from Xenserver it fails to find the boot disk. The only time PVS console would fail if SOAP account password is changed to old one or SOAP connection is disrupted. 

 

The .netframework I noticed it before but I think it is only related for client hosting server on ESX and managing through Vcenter. Don't think .net  article applies to Xenserver.

Link to comment

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...