PREREQUISITES AND WARNINGS
Currently, the Caradigm feature is available only on ThinOX version 10.0.10. On that version only Citrix Receiver version 13.x can be used, you cannot use the legacy mode (that use the Citrix receiver version 12.y).
¶ Thin Client configuration
- Go to setting -> Control Panel -> Caradigm -> Enable
- Insert the VAULT address, e.g., https://caradigm.contoso.com with port 8443 (default)
- Insert the EGPGroup name, e.g., DEFAULTGROUP
- Insert the default network domain, e.g., contoso.com
- Configure the Citrix Connection Import the Caradigm CA chain for the vault server. a. Enable it and click on settings b. Add the Citrix XenDesktop service site URL, e.g., https://citrix.contoso.com orhttps://citrix.contoso.com/citrix/store/pnagent/config.xml c. Press OK and OK again
- Import the Thin Client Private Key. Each Thin Client has its own private key and self-signed certificate. However, you can import the private related the certificated issued by your Certification Authority.
- Import the Thin Client Certificate. Each Thin Client has its own private key and self-signed certificate. However, you can import the certificated issued by your Certification Authority, with the corresponding private key.
- Press OK to confirm the Caradigm client settings
- Press OK, the Thin Client will reboot.
¶ Caradigm Server
- Go to you Caradigm server web interface, e.g., https://caradigm.contoso.com:10000
- Go Appliance Tab -> Thin Client Certificates
- Import the Thin Client Certificates. Please note that you can import each Thin Client certificate or configure a thin client as a "master configuration" and use such a configuration to generate a profile applied to all the other devices. In the latter case, you will use only one certificate/private key for all the thin clients using that specific profile. Thus, only one certificate will be imported on the Caradigm Vault server in the Thin Client Certificates under the appliance tab.
¶ Caradigm Server with the badge
- Add the Badge ID Mapping parameters on the TAP server page, under the Caradigm SSO & Context Management menu, as follow: a. Identity Field Name = Vendor b. Identity Field Value = Praim c. Badge ID Format = Decimal
¶ Notes
- Thin client certificates. Each Thin Client generates its pair of private key and self-signed certificate. The latter must be imported on the Caradigm Vault server in the Thin Client Certificates under the appliance tab. In addition, the client certificate filter should be configured. In case you use the self-signed certificate, you need to uncheck the "Reject Self-Signed Certificates" on the TAP server page.