Jump to content
Welcome to our new Citrix community!
  • 0


Miguel Angel Blazquez



After my Workstations was installed the Microsotf Security Update October 2022 KB5018410, the Citrix Workspace Client can´t connect with Netscaler server, the error for new connections is "can't add account with provided url". The clients that have Citrix open, can´t open any application. If uninstall it the Microsoft KB, Citrix work fine. We try with differents Citrix version and the problem persist. Any idea?

The Windows OS version is Windows  21H2

Edited by Miguel Angel Blazquez
Link to comment

10 answers to this question

Recommended Posts

  • 0

Same here! I registered a case with Citrix but unfortunately they could not help us because we are on an unsupported version:

"Thank you for your time on call today.
We found that your current CVAD Infra is on an unsupported version 7.15. The support for 7.15 ended on Aug 15 2022.
Since this issue is caused due to a recently released Win 10 security update so we would have to engage Escalations and Product Team. Due to the unsupported scenario I would not be able to do that. Hence suggesting you to upgrade your CVAD Deployment to a supported version."


I hope that someone with a newer version can get help soon and share the solution/workaround real soon!

Link to comment
  • 0

@Martin Berthiaume, I found the solution for our environment in Citric ADC (aka Netcaler). The Load balancing virtual server object for our Storefront missed settings for TLSv11 and TLSv12 in SSL parameters. I also tested with the delfault Ciphers, but had to remove them again because then the Session from HP Linux thin clients stopped working. In my searching for answers I also fixed an outdated certificate in IIS on the StoreFront servers. But it wasnt until I checked the LSv11 and TLSv12 the receiver started to work again. It seems like KB5018410 unchecks these the older ones Internet Options just leaving TLSv12 .

Link to comment
  • 0

Resolved for us: 

If you are wondering how to add TLS 1.2 support on your Netscaler, see the following steps. It could be different depending of your specific Netscaler setup and version. 
1.  Traffic Management -> Load Balancing -> Services: Edit the two SF servers Edit the SSL Parameter and Enable TLSv12 
2. Traffic Management -> Load Balancing -> Virtual servers: Edit active virtual server (not redirect) Edit the SSL Parameter and Enable TLSv12 
3. Traffic Management t -> SSL ->  Cipher Groups: create a new Ciphergroup add: "TLS1.2-ECDHE-ECDSA-AES256-GCM-SHA384" "TLS1.2-ECDHE-ECDSA-AES128-GCM-SHA256" "TLS1.2-ECDHE-ECDSA-AES256-SHA384" "TLS1.2-ECDHE-RSA-AES256-GCM-SHA384" 
4. Traffic Management -> Load Balancing -> Virtual servers: Edit active virtual server (not redirect) Edit the SSL Cipher and add the new Cipher Groups created just before. 
Do not forget to click on top right floppy disk icon to save the config.

Link to comment

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Create New...