StoreFront

System requirements

Before you install StoreFront, review Plan your StoreFront deployment.

StoreFront server requirements

Software

Citrix has tested and provides support for StoreFront installations on the following platforms:

  • Windows Server 2022 Datacenter and Standard editions
  • Windows Server 2019 Datacenter and Standard editions
  • Windows Server 2016 Datacenter and Standard editions

Note:

StoreFront requires the Windows desktop experience so cannot be installed on Windows Server Core.

All StoreFront servers in a server group must use the same operating system version, language and locale.

Upgrading the operating system version on a server running StoreFront is not supported. Citrix recommends that you install StoreFront on a new installation of the operating system.

Before you can install StoreFront, the following Windows features must be enabled on the web server. These components are enabled by default on a new Windows installation so no action is required unless they have been explicitly uninstalled.

  • NET-Framework-45-Features
    • NET-Framework-45-Core
  • PowerShellRoot
    • PowerShell

If the version of .NET Framework installed is older than 4.7.2 then the installer automatically installs .NET Framework 4.7.2. Note this requires that the NET-Framework-45-Core Windows feature is already installed.

If the StoreFront installer detects that any of the following Windows features are missing, they are automatically installed:

  • Web-Server
    • Web-WebServer
      • Web-Common-Http
        • Web-Default-Doc
        • Web-Http-Errors
        • Web-Static-Content
        • Web-Http-Redirect
      • Web-Health
        • Web-Http-Logging
      • Web-Security
        • Web-Filtering
        • Web-Basic-Auth
        • Web-Windows-Auth
      • Web-App-Dev
        • Web-Net-Ext45
        • Web-AppInit
        • Web-Asp-Net45
        • Web-ISAPI-Ext
        • Web-ISAPI-Filter
      • Web-Mgmt-Tools
        • Web-Mgmt-Console
      • Web-Scripting-Tools
  • NET-Framework-45-Features
    • NET-Framework-45-ASPNET
    • NET-WCF-Services45
      • NET-WCF-TCP-PortSharing45

It is possible to move the IIS website to a different directory or drive before installing StoreFront. The relative path to StoreFront in IIS must be the same on all the servers in a server group.

Hardware

Storefront servers must meet the following requirements:

  • Processor: Minimum 2 virtual CPUs, recommended 4 virtual CPUs

  • RAM: 4GB, plus 700 bytes per resource available, per user.

  • Storage:

    • 250MB for StoreFront itself.
    • 30MB for each store, assuming one website per store.
    • For each store with favorites enabled, 5MB plus 8MB for each 1000 favorites.
    • Sufficient space for IIS log files according to your requirements, see Microsoft documentation on Managing IIS Log File Storage.
    • Sufficient space for StoreFront diagnostics logs. By default StoreFront keeps 1GB of logs per service. A StoreFront deployment typically has 1 roaming service plus 3 services per store (store service, auth service and receiver for web service). See Troubleshoot storefront.

Network

StoreFront uses the following ports for communication. Ensure your firewalls and other network devices permit access to these ports.

  • Clients connect to StoreFront using HTTPS or HTTP, normally over port 443 or 80 respectively, depending on IIS configuration. It is recommended that you enable HTTPS and disable HTTP within IIS.
  • TCP port 808 is used for communications between StoreFront servers within a server group.
  • A TCP port randomly selected from all unreserved ports is used for communications between the StoreFront servers in a server group. When you install StoreFront, a Windows Firewall rule is configured enabling access to the StoreFront executable. However, since the port is assigned randomly, you must ensure that any firewalls or other devices on your internal network do not block traffic to any of the unassigned TCP ports.
  • TCP port 8008 is used by Citrix Workspace app for HTML5, or supported versions of Citrix Workspace app, where enabled, for communications from local users on the internal network to the servers providing their desktops and applications.
  • If you are using a NetScaler load balancer with a StoreFront monitor, it needs to connect to the Citrix Service monitor. By default this runs on TCP port 8000 but can alternatively be configured to run over HTTPS on port 443. See Load balancing with NetScaler ADC.

StoreFront supports both pure IPv6 networks and dual-stack IPv4/IPv6 environments.

Active directory

Many StoreFront features require the Windows server on which StoreFront is installed to be joined to an Active Directory domain. StoreFront cannot be installed on a domain controller.

For StoreFront to authenticate users against Microsoft Active Directory, ensure the StoreFront server is joined to either the domain containing your users’ accounts or a domain that has a trust relationship with the user accounts domain. This is always required for domain pass-through. For username and password authentication this is required by default, alternatively you can configure StoreFront to delegate authentication to the delivery controllers.

If you install StoreFront on a non-domain-joined server then the following features are not available:

  • Server groups
  • Favorites
  • Authentication methods other than explicit username and password, either directly to StoreFront or via a Gateway. You must configure StoreFront to delegate authentication to the delivery controller.

Storing subscription data using Microsoft SQL Server

You can optionally Store subscription data using Microsoft SQL Server. StoreFront supports same Microsoft SQL Server versions for this as Citrix Virtual Apps and Desktops does for databases. In Citrix Virtual Apps and Desktops system requirements, see Databases.

Infrastructure requirements

Citrix has tested and provides support for StoreFront when used with the following Citrix product versions.

Citrix Virtual Apps and Desktops

StoreFront supports the following versions of Citrix Virtual Apps and Desktops:

  • Citrix Virtual Apps and Desktops 2402 LTSR
  • Citrix Virtual Apps and Desktops 2311
  • Citrix Virtual Apps and Desktops 2308
  • Citrix Virtual Apps and Desktops 2305
  • Citrix Virtual Apps and Desktops 2203 LTSR
  • Citrix Virtual Apps and Desktops 1912 LTSR

Citrix Gateway

The following versions of Citrix Gateway can be used to provide access to StoreFront for users on public networks.

  • Citrix Gateway 14.1
  • Citrix Gateway 13.1
  • Citrix Gateway 13.0

Connections through Citrix Gateway can be made using the ICA proxy, Citrix Gateway plug-in, or clientless VPN (cVPN).

User device requirements

StoreFront provides various options for users to access their desktops and applications. Citrix users can either access stores through locally installed Citrix Workspace app, or within their browser. For more information, see User access options.

Locally installed Citrix Workspace app

You can use all currently supported versions of Citrix Workspace app to access StoreFront stores from both internal network connections and through a Citrix Gateway. For Citrix Workspace app lifecycle dates, see https://www.citrix.com/support/product-lifecycle/workspace-app.html.

Older versions of Citrix Workspace app and Citrix Receiver may work but are not supported.

Web browsers

End-users can access stores using a web browser. Apps and desktops can be launched either via a locally installed Citrix Workspace app (known as hybrid launch), or within the web browser. Depending on your website configuration, it is possible for end users to switch between the two launch methods.

Use latest versions of the following browsers.

On Windows:

  • Microsoft Edge
  • Google Chrome
  • Mozilla Firefox
  • Internet Explorer 11 - only for accessing the store, not for connecting to resources.

On Mac:

  • Safari
  • Google Chrome
  • Mozilla Firefox

On Linux:

  • Google Chrome
  • Mozilla Firefox

For further information on requirements for using Citrix Workspace app for HTML5 to connect to resources through a web browser see Citrix Workspace app for HTML5 documentation.

Citrix Workspace Web Extensions

For an improved experience, it is recommended that users add Citrix Workspace Web Extension to their web browser. For requirements, see Citrix Workspace Web Extension.

Legacy devices

Legacy Citrix clients can use XenApp Services URLs to access StoreFront stores with reduced functionality. XenApp Services URLs provide backward compatible legacy support for connections made by Citrix Receiver 3.4 Enterprise and older clients. This functionality is deprecated and will be removed from a future release.

Smart card requirements

Using Citrix Workspace app with smart cards

Citrix tests for compatibility with the U.S. Government Dept. Of Defense Common Access Card (CAC), U.S. National Institute of Standards and Technology Personal Identity Verification (NIST PIV) cards, and some USB smart card tokens. You can use contact card readers that comply with the USB Chip/Smart Card Interface Devices (CCID) specification and are classified by the German Zentraler Kreditausschuss (ZKA) as Class 1 smart card readers. ZKA Class 1 contact card readers require that users insert their smart cards into the reader. Other types of smart card readers, including Class 2 readers (which have keypads for entering PINs), contactless readers, and virtual smart cards based on Trusted Platform Module (TPM) chips, are not supported.

For Windows devices, smart card support is based on Microsoft Personal Computer/Smart Card (PC/SC) standard specifications. As a minimum requirement, smart cards and card readers must be supported by the operating system and have received Windows Hardware Certification.

For more information about Citrix-compatible smart cards and middleware, see Smart cards in the Citrix Virtual Apps and Desktops documentation, and http://www.citrix.com/ready.

Citrix Analytics service requirements

You can configure Citrix StoreFront so that Citrix Workspace app can send data to the Citrix Analytics service. Configuration details are described in Citrix Analytics service. This functionality is supported for the following scenarios:

  • Stores which are accessed by web browsers.
  • Stores which are accessed from Citrix Workspace app 1903 for Windows or later.
  • Stores which are accessed from Citrix Workspace app 1901 for Linux or later.