Enable certificate revocation list checking for improved security
When you enable certificate revocation list (CRL) checking, Citrix Receiver for Windows checks to see if the server’s certificate is revoked. Forcing Citrix Receiver for Windows to check this helps improve the cryptographic authentication of the server and the overall security of the TLS connection between a user device and a server.
You can enable several levels of CRL checking. For example, you can configure Citrix Receiver for Windows to check only its local certificate list or to check the local and network certificate lists. In addition, you can configure certificate checking to allow users to log on only if all CRLs are verified.
If you are making this change on a local computer, exit Citrix Receiver for Windows. Make sure all Citrix Receiver for Windows components, including the Connection Center, are closed.
For information about configuring TLS, see Configure and enable TLS.