MacOS – What changed in the Yosemite SmartCard handling


A few years ago, it was realized that using number-generating RSA keyfobs for authentication into VPNs was not a completely secure mechanism. Some companies that previously relied on RSA for this have migrated to using SmartCards with PINs instead. Combining this with enterprise products such as Citrix Receiver has worked pretty well so far.

With the release of OS X Yosemite, Citrix no longer works with SmartCard authentication. Both Apple and Citrix have acknowledged this, but according to the forums on those sites, it doesn't seem like a heck of a lot is happening to resolve the situation. As a result, people who use Macs at home to remote desktop to their office are unable to upgrade to Yosemite since it means that they'd no longer be able to work from home.

I'm curious if anyone has any idea or insight as to what exactly changed with Yosemite and why it would be taking so long for either Apple or Citrix to come up with a fix. You would get the impression that either Apple has completely broken the support and just doesn't care, or Citrix can't get an engineer to make some tweaks.

Any idea as to what exactly was the breaking change, and perhaps why this would be such a difficult problem to fix?

Best Answer

Now, I don't know the answer to your questions; honestly, it's something only Apple can address with proper justifications and references. But your impression is correct: they just don't care. Back in the day I used to use my government CAC to log in to my system (not for websites; that was my login method). It was hacky and took a lot of sudo commands to accomplish, but it worked. That went away with Mountain Lion, and furthermore, sending an encrypted email with a smart card is torturous, something that should be a priority (personal security) above all else. Such a shame, because I loved being able to do that as opposed to a traditional phrase passcode. However, I can still use my CAC for government computers, the same with Mavericks, with a 3rd-party application. And this is not a sale; I don't know anyone from this company, it's just an example. I'm just saying there are 3rd parties out there, but I ended up shuffling 30 bucks together just to get on my normal work websites. You can look into it: pKard. Honestly though, your best solution, and the more sane one in the long run, is to install Windows with Boot Camp.

You can review their forums regarding your issue here, but it seems like it's a locally approved process for this particular software. I have not researched others.