This topic describes the system and user requirements for installing Citrix Receiver for Linux.
For x86 devices, processor speeds of at least 1.6 GHz display single-monitor sessions well at typical resolutions (for example, 1280 x 1024). If you use the HDX 3D Pro feature, a native hardware accelerated graphics driver and a minimum processor speed of 2 GHz are required.
For ARM devices, a hardware H.264 decoder is required for both general H.264 support and HDX 3D Pro. Performance also benefits from faster processor clock speeds.
HDX MediaStream Flash Redirection
For all HDX MediaStream Flash Redirection requirements, see CTX134786.
Citrix recommends testing with the latest plug-in before deploying a new version to take advantage of the latest functionality and security-related fixes.
HDX RealTime Webcam Video Compression
HDX MediaStream Windows Media Redirection
If you plan to use Philips SpeechMike devices with Receiver, you may need to install the relevant drivers on the user device. Go to the Philips web site for information and software downloads.
Smart card support
Note: Smart cards are not supported with the XenApp Services site for Web Interface configurations (formerly known as PNAgent), or with the "legacy PNAgent" site that can be provided by a StoreFront server.
Citrix Receiver for Linux supports smart card readers that are compatible with PCSC-Lite and smart cards with PKCS#11 drivers for the appropriate Linux platform. By default Receiver for Linux now locates opensc-pkcs11.so in one of the standard locations. To ensure Receiver for Linux finds either opensc-pkcs11.so in a non-standard location or another PKCS#11 driver, store the location in a configuration file using the following steps:
Note: If you enter a file name for the driver location, Receiver navigates to that file in the$ICAROOT/PKCS#11 directory. Alternatively, you can use an absolute path beginning with "/".
To configure the behavior of Citrix Receiver for Linux when a smart card is removed, update theSmartCardRemovalAction in the configuration file using the following steps:
The default behaviour is 'noaction'. No action is taken to clear credentials stored and tokens generated with regards to the smart card on the removal on the smart card. The 'forcelogoff' action clears all credentials and tokens within StoreFront on the removal of the smart card.
Provides direct access to StoreFront stores.
Provides access to StoreFront stores from a web browser. For the limitations of this deployment, refer to "Important considerations" in Receiver for Web sites.
Web Interface in conjunction with the NetScaler VPN client:
Provides access to virtual desktops and apps from a Web browser.
Mozilla Firefox 18.x (minimum supported version)
Note: For information on changes to Google Chrome NPAPI support, see Citrix blog article, Preparing for NPAPI being disabled by Google Chrome.
Citrix Receiver for Linux supports HTTPS and ICA-over-TLS connections through any one of the following configurations.
For information about domain-joined and non-domain-joined devices, refer to the XenDesktop 7 documentation.
For information about the NetScaler Gateway and Access Gateway versions supported by StoreFront, see StoreFront system requirements.
Note: References to NetScaler Gateway in this topic also apply to Access Gateway, unless otherwise indicated.
Private (self-signed) certificates
If a private certificate is installed on the remote gateway, the root certificate for the organization's certificate authority must be installed on the user device to successfully access Citrix resources using Receiver.
Note: If the remote gateway's certificate cannot be verified upon connection (because the root certificate is not included in the local keystore), an untrusted certificate error appears. The root certificate needs to be installed in the clients certificate store.
Installing root certificates on user devices
For information about installing root certificates on user devices as well as configuring Web Interface for certificate use, see Secure Receiver communication.
Wildcard certificates are used in place of individual server certificates for any server within the same domain. Citrix Receiver for Linux supports wildcard certificates, however they should only be used in accordance with your organization's security policy. In practice, alternatives to wildcard certificates, such as a certificate containing the list of server names within the Subject Alternative Name (SAN) extension, could be considered. Such certificates can be issued by both private and public certificate authorities.
Intermediate certificates and the NetScaler Gateway
If your certificate chain includes an intermediate certificate, the intermediate certificate must be appended to the NetScaler Gateway server certificate. For information, see Configuring Intermediate Certificates.
Although you do not need to log on as a privileged (root) user to install the Citrix Receiver for Linux, USB support is enabled only if you are logged on as a privileged user when installing and configuring Receiver. Installations performed by non-privileged users will, however, enable users to access published resources using either StoreFront through one of the supported browsers or using Receiver's native UI.
Citrix provides a script, hdxcheck.sh, as part of the Receiver installation package. The script checks whether your device meets all of the system requirements in order to benefit from all of the functionality in Receiver for Linux. The script is located in the Utilities directory of the installation package.