Jump to content
Welcome to our new Citrix community!
  • 0

"Your account cannot be added using this server address" - Weird SSL Behavior

ABICO Licensing


I have a fully functioning (but admittedly aged) XenApp deployment that's been servicing thousands of people daily for a long time. Suddenly, one particular remote network seems to have lost the ability to connect. Upon entering the server address, Workspace immediately returns "Your account cannot be added using this server address." The credentials prompt never appears (obviously).


Running a packet trace on the communication, what I see is:


TLS v1 Hello

Server Hello

Client immediately sends FIN


The client never sends a session key as one would expect.


Other useful things:


1. The Citrix gateway server uses the same wildcard certificate as a website on the same server. The remote network has no problem accessing that site

2. Every SSL tool on the internet reports a complete/correct certificate & chain

3. The remote network *used* to work - it broke suddenly

4. There are still 2000 other sessions on this farm

5. Upgrading from Receiver 4.12 to Workspace 1909 changed nothing


I do not control the remote network, so it's a black box for me. I am looking for an explanation as to why this suddenly broke for them, but I can't readily explain a reason for a sudden SSL handshake abort like I'm seeing. Anyone have any ideas?


Edit: I've attached a snip of a packet trace that may help illustrate


Link to comment

0 answers to this question

Recommended Posts

There have been no answers to this question yet

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Create New...