Chrome systems that use a smart card for user authentication must meet certain requirements.
Smart cards have certain limitations when used with Horizon Client, as described in Smart Card Authentication Limitations.
Client Hardware and Software Requirements
- U.S. Department of Defense Common Access Card (CAC)
- U.S. Federal Government Personal Identity Verification (PIV) card (also called FIPS-201 smart card)
Each system that uses a smart card for user authentication must have the following hardware and software.
- Horizon Client for Chrome
- A compatible smart card reader
- Google Smart Card Connector extension
The connector extension provides basic support for smart cards on Chrome OS. You can download the Smart Card Connector extension from the Chrome web store. VMware recommends using Google Smart Card Connector extension version 1.2.16.1 or later.
- Charismathics CSSI Smart Card Middleware
This middleware supports communication with the smart card and other client certificates, and is available as a download from the Chrome web store.
You might need to install root and intermediate certificates on the Chromebook. For more information, see the Google Chrome OS documentation.
Agent Software Requirements
An administrator must install one of the following middleware on the agent machine, depending on the authentication requirements of your organization:
- Charismathics CSSI Smart Card Middleware
- HID Global ActivID ActivClient middleware
For the supported agent operating systems, see Feature Support for Chrome Clients.
Additional Smart Card Authentication Requirements
In addition to meeting the smart card requirements for Horizon Client for Chrome, other VMware Horizon 8 components must meet certain configuration requirements to support smart cards.
- Connection Server
- For information about configuring Connection Server to support smart card use, see the Horizon 8 Administration document.
- Unified Access Gateway appliances
- Unified Access Gateway 3.2 and later.
- Active Directory
- For information about tasks that an administrator might need to perform in Active Directory to implement smart card authentication, see the Horizon 8 Administration document.