In this scenario, Citrix Receiver 13.1 or newer is required. The root certificate of the web server certificate used by the StoreFront server has to be known as the trusted root certificate on the endpoint device - see Deploying Trusted Root Certificates, Certificate Type SSL Certificate.

  1. Under Sessions > Citrix > Citrix StoreFront > Server, specify the Server location.

  2. Choose Smartcard authentication as Authentication type under Sessions > Citrix > Citrix StoreFront > Login.

    When used in combination with Active Directory Logon the enabled Use Passthrough authentication activates single sign-on with smartcard.
  3. Select the appropriate PKCS#11 module for the smartcard Security > Smartcard > Middleware.
    • Gemalto/SafeNet eToken
    • cryptovision sc/interface
    • Gemalto IDPrime
    • Athena IDProtect
    • A.E.T. SafeSign
    • Secmaker Net iD
    • 90meter

      Licensed Feature

      This feature requires an add-on license; see Add-On Licenses. Please contact your IGEL reseller.

    • Custom PKCS#11 module. See here also Using a Custom PKCS#11 Library.