System requirements

Citrix Receiver for Windows (Store) is compatible with the following Windows operating systems. It is also compatible with all currently supported versions of XenApp, XenDesktop, and NetScaler Gateway as listed in the Citrix Product Lifecycle Matrix.


Fall Creators Update is the minimum build version supported.

Operating System
Windows 10 S
Windows 10 Enterprise
Windows 10 Pro
Windows 10 Home
Windows 10 IoT Enterprise


You cannot install Citrix Receiver for Windows (Store) on Windows Server 2016 because Microsoft Store is not supported on this operating system.

You can install Citrix Receiver for Windows (Store) on the following device types:

  • Device
  • Desktop
  • Laptop
  • Tablet

Windows IoT Enterprise

Support for use of external devices on Citrix Receiver for Windows (Store)

Contact Microsoft or the device vendors for support guidelines on using the following external devices with Citrix Receiver for Windows (Store):

  • Webcam
  • Printers
  • Scanners
  • External monitors
  • Smartcard devices
  • Proximity card

Connections, Certificates and Authentication


  • HTTP store
  • HTTPS store
  • NetScaler Gateway 10.5 and later
  • Web Interface 5.4

Citrix Receiver for Windows (Store) can connect to a VDA or an ICA session on windows domain-joined machines, managed devices (local and remote with or without VPN), and non-domain joined machines.


  • Private (self-signed)
  • Root
  • Wildcard
  • Intermediate

Private (Self-signed) Certificates

If a private certificate is installed on the remote gateway, install the root certificate of the organization’s certificate authority on the user device to access Citrix resources successfully using Citrix Receiver for Windows (Store).


If the remote gateway’s certificate is not verified during connection (because the root certificate is not included in the local keystore), an untrusted certificate warning appears. If you choose to continue with the warning, the apps are displayed but they might not launch.

Installing root certificates

For domain-joined computers, you can use a Group Policy Object administrative template to distribute and trust CA certificates.

For non-domain joined computers, you can create a custom install package to distribute and install the CA certificate.

Wildcard Certificates

Wildcard certificates are used on a server within the same domain.

Citrix Receiver for Windows (Store) supports wildcard certificates; however, they must be used in accordance with your organization’s security policy. In practice, an alternative is a certificate that contains the list of server names with Subject Alternative Name (SAN) extension. These certificates are issued both by private and public certificate authorities.

Intermediate Certificates and NetScaler Gateway

If your certificate chain includes an intermediate certificate, append the intermediate to the NetScaler Gateway server certificate. For more information, see Configuring Intermediate Certificates.


Authentication to StoreFront


* With or without the NetScaler plug-in installed on the device.


Citrix Receiver for Windows (Store) supports two-factor authentication (domain plus security token) using NetScaler Gateway to the StoreFront native service.

Authentication to Web Interface

Citrix Receiver for Windows (Store) supports the following authentication methods (Web Interface uses the term Explicit for domain and security token authentication):


* Available only in deployments that include NetScaler Gateway, with or without the associated plug-in installed on the device.

For information about authentication, see Configuring Authentication and Authorization in the NetScaler Gateway documentation and Manage topics in the StoreFront documentation.

For information about authentication methods supported by Web Interface, see Web Interface documentation.