You can create a virtual smart card to use when you log in to a server and connect to a remote desktop. With a virtual smart card, you do not need to connect a traditional smart card reader to the client device. One virtual smart card can hold multiple certificates.
- Import a certificate. You can use a third-party application, such as Purebred, to deliver the certificate to the client device. For an Android device, you can copy a certificate file to the Android device and then import it into the Android system settings.
- For an Android device, verify that the device has a passcode. A passcode is not required to create a virtual smart card on a Chromebook.
- Verify that the client device, remote desktops, RDS hosts, Connection Server host, and other Horizon components meet the smart card authentication requirements. See Smart Card Authentication Requirements.
- Tap the Settings (gear) icon in the upper-right corner of the Horizon Client window.
- Tap Derived Credentials and then tap Create new virtual smart card.
- (Android device only) Perform device authentication.
- Enter and confirm a PIN for the virtual smart card.
- Tap Continue to import derived credentials and import the derived credential.
- Tap PIV Authentication Certificate.
- Select a certificate.
- Tap Select.
- (Optional) To import a digital signature certificate or encryption certificate after you import the PIV authentication certificate, tap Digital Signature Certificate or Encryption Certificate and follow the prompts.
- To create the virtual smart card, tap Done.
The derived credential appears in the Settings window.
- Toggle the Use Derived Credentials setting to on.
- To create another virtual smart card for a different Horizon environment, tap Create new virtual smartcard and repeat these steps.
What to do next
Log in to the server and connect to a remote desktop. The process is the same as when you use a physical smart card. See Connect to a Remote Desktop or Published Application.