Linux Virtual Delivery Agent

Secure user sessions using DTLS

DTLS encryption is a fully supported feature starting with the 7.18 release. By default, this feature is enabled on the Linux VDA. For more information, see Transport Layer Security.

Enable DTLS encryption

Verify that adaptive transport is enabled

In Citrix Studio, verify that the HDX Adaptive Transport policy is set to Preferred or Diagnostic mode.

Enable SSL encryption on the Linux VDA

On the Linux VDA, use the tool at /opt/Citrix/VDA/sbin to enable (or disable) SSL encryption. For information about the options available in the tool, run the /opt/Citrix/VDA/sbin/ –h command.


The Linux VDA supports DTLS 1.0, DTLS 1.2, and DTLS 1.3 and uses DTLS 1.2 by default. Check which version of DTLS is in use on your Citrix Workspace app. Ensure that the same version of DTLS is used on both the Linux VDA and your Citrix Workspace app. If your Citrix Workspace app supports only DTLS 1.0 (for example, Citrix Receiver for Windows 4.11), set SSLMinVersion to TLS_1.0 and SSLCipherSuite to COM or ALL using the tool.

Secure user sessions using DTLS