Receiver for Mac
supports smart card authentication in the following configurations:
About smart card authentication to NetScaler
When using a smart card to authenticate a connection when there are multiple usable certificates on the smart card, Citrix Receiver prompts you to select a certificate. Upon selecting a certificate, Citrix Receiver prompts you to enter the smart card password; once authenticated, the session launches.
If there is only one suitable certificate on the smart card, Citrix Receiver uses that certificate and will not prompt you to select it. However, you must still enter the password associated with the smart card to authenticate the connection and to start the session.
Specifying a PKCS#11 module for smart card authentication
Using advanced configuration options in the Citrix Receiver Preferences window, you can specify the PKCS#11 module for authentication purposes:
- In Citrix Receiver, select Preferences.
- In the Preferences window, click Security & Privacy.
- In the Security & Privacy section, click Smart Card.
- In the PKCS#11 field, select the appropriate module; click Other to browse to the location of the PKCS#11 module if the desired one is not listed.
- After selecting the appropriate module, click Add.
Supported readers, middleware, and smart card profiles
Receiver for Mac supports most Mac OS X compatible smart card readers and cryptographic middleware. Citrix has validated operation with the following.
- Common USB connect smart card readers
- Activeidentity client version
- Charismathics client version
Supported smart cards:
- PIV cards
- Common Access Card (CAC)
- Gemalto .NET cards
Follow the instructions provided by your vendor’s Mac OS X compatible smart card reader and cryptographic middleware for configuring user devices.