Citrix Federated Authentication Service
This document details the necessary steps to configure and integrate Citrix Federated Authentication Service (FAS) with the CipherTrust Manager (CM).
Citrix FAS built on top of Microsoft cryptographic technology (CAPI / CNG) is a tool that integrates with Active Directory Certificate Services to issue certificates for users. CipherTrust Manager is used to store keys associated with the user certificates.
Supported Product Versions
This integration is validated on the following software versions:
CipherTrust Manager
- CipherTrust Manager 2.4 and higher
Citrix FAS
Citrix FAS 10.1.0.3 and higher
Note
This integration is validated on Citrix FAS version 10.7.0.14.
SafeNetProtectApp Key Storage Provider
- SafeNetProtectApp Key Storage Provider 8.10.0
Prerequisites
Ensure that the CipherTrust Manager is installed and configured. For more details, refer to the CipherTrust Manager documentation.
Ensure that AD CS is installed and configured. For more details, refer to the Microsoft Documentation.
Ensure that the computer on which you are installing AD CS is mapped to a domain where Active Directory Domain Services (AD DS) is installed.
Citrix FAS communicates with the CipherTrust Manager using the Network Attached Encryption (NAE)-XML Interface. Ensure that the NAE-XML interface is configured. For more details, refer to the CipherTrust Manager Documentation.
Steps For The Integration
To integrate Citrix FAS with the CipherTrust Manager:
