Skip to main content

Citrix FAS

Integration guide

This guide covers all the steps needed to integrate Citrix FAS with DigiCert​​®​​ Trust Lifecycle Manager, using DigiCert Autoenrollment Server for certificate provisioning.

Citrix Federated Authentication Service (FAS) supports user authentication and single-sign on (SSO) for virtual desktops and applications. Once authenticated, users are assigned a certificate to verify their identity throughout the virtualized environment.

The integration lets you use the DigiCert​​®​​ Trust Lifecycle Manager suite of tools to monitor and manage all the Citrix FAS user certificates, with automated issuance through DigiCert Autoenrollment Server.

Prerequisites

Install Citrix FAS on a Windows server on the same domain where users sign in:

Warning

Follow the Citrix instructions up to and including the "Configure Group Policy" step. Do not proceed to deploy certificate templates.

Install DigiCert Autoenrollment Server (AES) version 2.24.1.0 or above on the same domain as Citrix FAS:

  • For complete instructions from DigiCert, see DigiCert Autoenrollment Server.DigiCert Autoenrollment Server

  • DigiCert AES can be installed on the same Windows server as Citrix FAS.

  • Enroll at least one certificate through DigiCert AES to make sure it's working. See Test certificate enrollments.

Workflow

The complete process of integrating with Citrix FAS involves these steps: