Download PDF
Download page Middleware for Smartcards in IGEL OS.
Middleware for Smartcards in IGEL OS
In comparison to simply using passwords, two-factor authentication with a smartcard or smart token offers an additional layer of security. When configuring login with a smartcard, you have to define smartcard middleware to be used. In this area of the IGEL Setup, you select the middleware (PKCS#11 module) which matches your card or your token. Alternatively, you can specify here your own PKCS#11 module.
The middleware selected here will be used for the following logins:
- Login to Citrix sessions; see Citrix Global
- Login to Citrix StoreFront; see Citrix StoreFront
- Login to an endpoint device via Active Directory; see Active Directory/Kerberos
For more information on smartcard authentication in IGEL OS, see the how-to Smartcard Authentication in IGEL OS.
If you use IGEL smartcards, see Authentication with IGEL Smartcard.
Menu path: Security > Smartcard > Middleware
For smartcard authentication to Citrix and Active Directory / Kerberos, you can use several middleware libraries at the same time. The concurrent usage of multiple smartcard middleware libraries may be required, for example, if multiple users with different smartcard types must have access to the device.
Note: If no middleware is activated, OpenSC is used as a fallback.
Gemalto SafeNet
The middleware for Gemalto/SafeNet eToken, IDPrime smartcards and Token is used.
cryptovision sc/interface
The middleware for cryptovision smartcards is used.
Gemalto IDPrime
The middleware for Gemalto IDPrime smartcards is used.
Enable this Gemalto middleware when you want to operate Gemalto Common Criteria devices in unlinked mode.
Athena IDProtect
The middleware for Athena IDProtect smartcards is used.
A.E.T. SafeSign
The middleware for SafeSign smartcards is used.
SecMaker Net iD Enterprise
The SecMaker Net iD Enterprise middleware, formerly known as "Secmaker Net iD", is used.
Enable this SecMaker middleware if you use Net iD implementation with CID (Certificate Identity Declaration).
SecMaker Net iD Client
The SecMaker Net iD Client middleware is used. SecMaker Net iD Client is the next generation of Net iD Enterprise, see http://docs.secmaker.com/net-id-client/latest/index.html.
The SecMaker Net iD Client must also be installed on the server side.
Coolkey
The middleware Coolkey is used.
OpenSC
The middleware OpenSC is used.
90meter
The 90meter middleware is used.
Licensed Feature
This feature requires an add-on license; see Add-On Licenses. Please contact your IGEL reseller.
Custom PKCS#11 module
The PKCS#11 module stored under the Path to the library is used. See also Using a Custom PKCS#11 Library.
In case of the installation of a custom PKCS#11 library, the file(s) (in .so format) must be placed on the endpoint device either via UMS file transfer or Custom Partition.
The use of the /wfs folder is NOT recommended because of its space limit.
Path to the library
Path to the custom PKCS#11 module. Example: /usr/lib/pkcs11/[name of the library].so