- Citrix Workspace app version 1808 and later for iOS supports iOS 10, 11, and 12.
- This software update has been validated on the following devices:
- iPhone 5x models, iPhone 6x models, iPhone 7x models, iPhone 8x models, and only iPhone X model.
- All iPad models (including iPad Pro) except for iPad 1 and iPad 2 which are not supported.
- External display support
- iPhone - as supported by iOS.
- iPad - as supported by iOS (does not use the whole screen).
Ensure you install all the latest hotfixes for your servers.
For connections to virtual desktops and apps, Citrix Workspace app for iOS supports Citrix StoreFront and Web Interface.
StoreFront 3.6 or later (recommended). Citrix Workspace app for iOS has been validated with the latest version of StoreFront; previous supported versions include StoreFront 2.6 or later.
Provides direct access to StoreFront stores. Citrix Workspace app for iOS also supports prior versions of StoreFront.
With XenApp and XenDesktop 7.8, Citrix introduced support for the Framehawk virtual channel and 3D Pro. This functionality was extended to Citrix Workspace app for iOS.
StoreFront configured with a Workspace for Web site
Provides access to StoreFront stores from a Safari web browser. Users must manually open the ICA file using the browser. For the limitations of this deployment, see the StoreFront documentation.
Web Interface 5.4 with Web Interface sites
Web Interface 5.4 with XenApp Services sites
Web Interface on Citrix Gateway (browser-based access only using Safari)
You must enable the rewrite policies provided by Citrix Gateway.
Citrix Virtual Apps and Desktops, XenApp, and XenDesktop (any of the following products):
- Citrix Virtual Apps and Desktops 7 1808 or later
- Citrix XenDesktop 7.x or later
- Citrix XenApp 7.5 or later
- Citrix XenApp 6.5 for Windows Server 2008 R2
Connectivity and authentication
For connections to StoreFront, Citrix Workspace app for iOS supports the following authentication methods:
|Workspace for Web using browsers||StoreFront Services site (native)||StoreFront XenApp Services site (native)||Citrix Gateway to Workspace for Web (browser)||Citrix Gateway to StoreFront Services site (native)|
|Two-factor authentication (domain with security token)||Yes*||Yes*|
|User certificate||Yes (Citrix Gateway plug-in)||Yes (Citrix Gateway plug-in)|
*Available only for Workspace for Web sites and for deployments that include Citrix Gateway, with or without installing the associated plug-in on the device.
For connections to the Web Interface 5.4, Citrix Workspace app for iOS supports the following authentication methods:
Web Interface uses the term Explicit to represent domain and security token authentication.
|Web Interface (browsers)||Web Interface XenApp Services site||Citrix Gateway to Web Interface (browser)||Citrix Gateway to Web Interface XenApp Services site|
|Two-factor authentication (domain with security token)||Yes*|
|User certificate||Yes (Require Citrix Gateway plug-in)|
About secure connections and certificates
Private (self-signed) certificates
When a private certificate is installed on the remote gateway, the root certificate for the organization’s certificate authority must be installed on the device to successfully access Citrix resources using Citrix Workspace app for iOS.
If the remote gateway’s certificate cannot be verified upon connection (because the root certificate is not included in the local keystore), an untrusted certificate warning appears. If a user chooses to continue through the warning, a list of applications is displayed; however, applications fail to start.
Trust manually installed certificate
In iOS 10.3 and later, a certificate included in a profile that you install manually is not automatically trusted for SSL. To trust manually installed certificate profiles in iOS:
- Make sure you have installed the certificate profile on the device.
Go to Settings > General > About > Certificate Trust Settings.
Each root that has been installed through a profile appears under Enable Full Trust For Root Certificates.
- You can toggle trust on or off for each root.
Import root certificates on iPad and iPhone devices
Obtain the root certificate of the certificate issuer and email it to an email account configured on your device. When clicking the attachment, you are asked to import the root certificate.
Wildcard certificates are used in place of individual server certificates for any server within the same domain. Citrix Workspace app for iOS supports wildcard certificates.
Intermediate certificates and Citrix Gateway
When your certificate chain includes an intermediate certificate, the intermediate certificate must be appended to the Citrix Gateway (or Access Gateway) server certificate. Also, for Access Gateway installations, see the Knowledge Base article that matches your edition:
RSA SecurID authentication is supported for Secure Gateway configurations (through the Web Interface only) and all supported Access Gateway configurations.
Citrix Workspace app for iOS supports all authentication methods supported by Access Gateway.
Citrix Workspace app for iOS provides support for SITHS smart cards for in-session connections only.
If you are using FIPS Citrix Gateway devices, configure your systems to deny SSL renegotiations. For details, see How to configure the -denySSLReneg parameter.
The following products and configurations are supported:
- Supported readers:
- Precise Biometrics Tactivo for iPad Mini Firmware version 3.8.0
- Precise Biometrics Tactivo for iPad (4th generation) and Tactivo for iPad (3rd generation) and iPad 2 Firmware version 3.8.0
- BaiMobile® 301MP and 301MP-L Smart Card Readers Supported VDA Smart Card Middleware
- Supported smartcards:
- PIV cards
- Common Access Card (CAC)
- Supported configurations:
- Smart card authentication to Citrix Gateway with StoreFront 2.x and XenDesktop 7.x or later or XenApp 6.5 or later