You can use smart cards in your XenApp environment. Smart cards are small plastic cards with embedded computer chips.
If you are using smart cards for secure network authentication, your users can authenticate to applications and content published on servers. In addition, smart card functionality within these published applications is also supported.
For example, a published Microsoft Outlook application can be configured to require that users insert a smart card into a smart card reader attached to the client device to log on to the server. After users are authenticated to the application, they can digitally sign email using certificates stored on their smart cards.
Citrix supports the use of PC/SC-based cryptographic smart cards. These cards include support for cryptographic operations such as digital signatures and encryption. Cryptographic cards are designed to allow secure storage of private keys such as those used in Public Key Infrastructure (PKI) security systems. These cards perform the actual cryptographic functions on the smart card itself, meaning the private key and digital certificates never leave the card.
You can also use smart cards with the Web Interface for XenApp. For details, see the Web Interface administrator documentation.
Before using smart cards with XenApp, consult your smart card vendor or integrator to determine detailed configuration requirements for your specific implementation.
Your Windows server and client operating systems may come with PC/SC, CSP, or smart card reader drivers already present. See your smart card vendor for information about whether these software components are supported or must be replaced with vendor-specific software.
You do not need to attach the smart card reader to your server during CSP software installation if you can install the smart card reader driver portion separately from the CSP portion.
If you are using pass-through authentication to pass credentials from your client device to the smart card server session, CSP software must be present on the client device.
A complete and secure smart card solution can be complex and Citrix recommends that you consult your smart card vendor or integrator for details. Configuration of smart card implementations and configuration of third-party security systems, such as certificate authorities, are beyond the scope of this documentation.
Smart cards are supported for authenticating users to published applications or for use within published applications that offer smart card functionality. Only the former is enabled by default upon installation of XenApp.
To configure smart card support for users of these plug-ins and clients, see the plug-in or client documentation.