STIGQter STIGQter: STIG Summary: Citrix XenDesktop 7.x License Server Security Technical Implementation Guide Version: 1 Release: 3 Benchmark Date: 24 Jan 2020:

XenDesktop License Server must implement DoD-approved encryption to protect the confidentiality of remote access sessions.

DISA Rule

SV-96127r1_rule

Vulnerability Number

V-81413

Group Title

SRG-APP-000014

Rule Version

CXEN-LS-000030

Severity

CAT I

CCI(s)

Weight

10

Fix Recommendation

1. Copy a valid server certificate file and server certificate key file to the \\Citrix\Licensing\LS\conf\ folder of the License Server installation directory.
2. Click “Administration” and select the "Server Configuration" tab.
3. Click the "Secure Web Server Configuration" bar.
4. Select "Enable HTTPS (Default 443)".
5. Enter a port for the HTTPS communication.
6. Enter the location of the server certificate file and the server certificate key file.
7. Stop and restart the Citrix Licensing service from the services control panel of the machine running the license server.
NOTE: You may be prompted to log in after "Administration".
Port should be 8082 (or desired port from PPSM group).

Check Contents

Open the License Management Console, click "Administration", and select the "Server Configuration" tab.

Click the "Secure Web Server Configuration" bar and verify "Select Enable HTTPS (Default 443)" is selected.

If "Select Enable HTTPS (Default 443)" is not selected, this is a finding.

Vulnerability Number

V-81413

Documentable

False

Rule Version

CXEN-LS-000030

Severity Override Guidance

Open the License Management Console, click "Administration", and select the "Server Configuration" tab.

Click the "Secure Web Server Configuration" bar and verify "Select Enable HTTPS (Default 443)" is selected.

If "Select Enable HTTPS (Default 443)" is not selected, this is a finding.

Check Content Reference

M

Target Key

3293

Comments