Jump to content
Welcome to our new Citrix community!

Two factor authentication if no client certificate exists

Recommended Posts



according to https://support.citrix.com/article/CTX205823 the following is possible: "require two-factor authentication if a valid Client Certificate is not provided".


With which feature/technique do I accomplish this?


I have configured a client certificate check (smartcard) but how do I setup a different two factor authentication if no certificate was provided?


Kind regards

Link to comment
Share on other sites

Thanks, so I should definitely should look into nFactor.


Nevertheless: is there a simple way to do this without nFactor? In theory something like a policy which checks if a client certificate was presented and if not the user needs to authenticate in an additional way. Can I check if a client certificate is present (something like CLIENT.SSL.CLIENT_CERT.EXISTS)?

Link to comment
Share on other sites

  • 5 weeks later...


Certificate auth: If Successful, LDAP only. If Failure, LDAP+RADIUS



i guess, this works only for user Certificates, not for computer certificate ? validate a computer certificate and based on the result one ore two factor section display is only possible with endpoint epa - right ?

This solution is often requested in my customer environment.




Link to comment
Share on other sites


This topic is now archived and is closed to further replies.

  • Create New...