Citrix FAS
Integration guide
This guide covers all the steps needed to integrate Citrix FAS with DigiCert® Trust Lifecycle Manager, using DigiCert Autoenrollment Server for certificate provisioning.
Citrix Federated Authentication Service (FAS) supports user authentication and single-sign on (SSO) for virtual desktops and applications. Once authenticated, users are assigned a certificate to verify their identity throughout the virtualized environment.
The integration lets you use the DigiCert® Trust Lifecycle Manager suite of tools to monitor and manage all the Citrix FAS user certificates, with automated issuance through DigiCert Autoenrollment Server.
Prerequisites
Install Citrix FAS on a Windows server on the same domain where users sign in:
For complete instructions from Citrix, see Install and configure.
Warning
Follow the Citrix instructions up to and including the "Configure Group Policy" step. Do not proceed to deploy certificate templates.
Install DigiCert Autoenrollment Server (AES) version 2.24.1.0 or above on the same domain as Citrix FAS:
For complete instructions from DigiCert, see Autoenrollment Server.
DigiCert AES can be installed on the same Windows server as Citrix FAS.
Enroll at least one certificate through DigiCert AES to make sure it's working. See Test certificate enrollments.
Workflow
The complete process of integrating with Citrix FAS involves these steps: