Bypassing a user passcode when accessing a gateway of a virtual desktop infrastructure system

US12549536B2 · US · B2

Patent metadata
Publication number: US-12549536-B2
Application number: US-202217867366-A
Country: US
Kind code: B2
Filing date: Jul 18, 2022
Priority date: May 30, 2022
Publication date: Feb 10, 2026
Grant date: Feb 10, 2026

Abstract

Official abstract text for this publication.

A method enables a user to bypass a pass code, such as personal identification number (PIN), when performing an authentication process between a client device and a gateway/broker of a virtual desktop infrastructure (VDI) provided by a virtualized computing environment. A customized operating system (OS) of the client device includes pre-installed certificates and keys that are used in the authentication process and which are protected by the PIN. Through a public interface, a client device may perform the authentication process without requiring the user to manually enter the PIN.

First claim

Opening claim text (preview).

The invention claimed is:

1. A method to perform an authentication process between a user device and a server for a virtual desktop infrastructure (VDI) provided by a virtualized computing environment, the method comprising: storing, on the user device, a certificate and a corresponding private key used to authenticate the user device to the server, wherein the certificate and private key are pre-installed in an operating system of the user device, and wherein at least one of the certificate or the private key is protected by a passcode, wherein the passcode comprises a personal identification number (PIN) that is unknown to a user of the user device; selecting, by a client service for the VDI, the certificate from amongst a list of certificates that are pre-installed in the user device and that are valid for the server; sending, by the client service, the certificate to the server in response to a request from the server for the certificate; unlocking, by the client service, the private key using a public interface, wherein unlocking the private key using the public interface bypasses entry of the passcode by the user, and wherein unlocking includes: sending, by the client service via the public interface, an instruction to a certificate access and PIN manager to unlock the private key; and in response to the instruction, using the PIN, by the certificate access and PIN manager, to enable a cryptography session handler to operate the private key to sign the request to validate the certificate; and using, by the client service in conjunction with the user device, the private key to sign a response to a request from the server to validate the certificate.

2. The method of claim 1, further comprising: displaying, by the client service, the list of certificates by using the public interface to instruct the certificate access and PIN manager to use the PIN to identify the certificates from a protected storage, to generate the list of certificates from the identified certificates, and to provide the list of certificates to the client service.

3. The method of claim 1, wherein the public interface includes an application program interface.

4. The method of claim 1, wherein the authentication process is part of a two-way transport layer security (TLS) handshake, and wherein selecting the certificate is performed before starting the TLS handshake.

5. The method of claim 1, wherein unlocking the private key and using the private key to sign the response is performed in a background process of the user device.

6. A non-transitory computer-readable medium having instructions stored thereon, which in response to execution by one or more processors, cause the one or more processors to perform a method for an authentication process between a user device and a server for a virtual desktop infrastructure (VDI) provided by a virtualized computing environment, wherein the method comprises: storing, on the user device, a certificate and a corresponding private key used to authenticate the user device to the server, wherein the certificate and private key are pre-installed in an operating system of the user device, and wherein at least one of the certificate or the private key is protected by a passcode, wherein the passcode comprises a personal identification number (PIN) that is unknown to a user of the user device; selecting, by a client service for the VDI, the certificate from amongst a list of certificates that are pre-installed in the user device and that are valid for the server; sending, by the client service, the certificate to the server in response to a request from the server for the certificate; unlocking, by the client service, the private key using a public interface, wherein unlocking the private key using the public interface bypasses entry of the passcode by the user, and wherein unlocking includes: sending, by the client service via the public interface, an instruction to a certificate access and PIN manager to unlock the private key; and in response to the instruction, using the PIN, by the certificate access and PIN manager to enable a cryptography session handler to operate the private key to sign the request to validate the certificate; and using, by the client service in conjunction with the user device, the private key to sign a response to a request from the server to validate the certificate.

7. The non-transitory computer-readable medium of claim 6, wherein the method further comprises: displaying, by the client service, the list of certificates by using the public interface to instruct the certificate access and PIN manager to use the PIN to identify the certificates from a protected storage, to generate the list of certificates from the identified certificates, and to provide the list of certificates to the client service.

8. The non-transitory computer-readable medium of claim 6, wherein the public interface includes an application program interface.

9. The non-transitory computer-readable medium of claim 6, wherein the authentication process is part of a two-way transport layer security (TLS) handshake, and wherein selecting the certificate is performed before starting the TLS handshake.

10. The non-transitory computer-readable medium of claim 6, wherein unlocking the private key and using the private key to sign the response is performed in a background process of the user device.

11. A computing device, comprising: a processor, and a non-transitory computer-readable medium coupled to the processor and having instructions stored thereon, which in response to execution by one or more processors, cause the one or more processors to perform an authentication process between the computing device and a server for a virtual desktop infrastructure (VDI) provided by a virtualized computing environment, wherein the instructions cause the processor to: store, on the computing device, a certificate and a corresponding private key used to authenticate the computing device to the server, wherein the certificate and private key are pre-installed in an operating system of the computing device, and wherein at least one of the certificate or the private key is protected by a passcode, wherein the passcode comprises a personal identification number (PIN) that is unknown to a user of the computing device; select, by a client service for the VDI, the certificate from amongst a list of certificates that are pre-installed in the computing device and that are valid for the server; send, by the client service, the certificate to the server in response to a request from the server for the certificate; unlock, by the client service, the private key using a public interface, wherein unlocking the private key using the public interface bypasses entry of the passcode by the user, and wherein unlocking includes: sending, by the client service via the public interface, an instruction to a certificate access and PIN manager to unlock the private key; and in response to the instruction, using the PIN, by the certificate access and PIN manager to enable a cryptography session handler to operate the private key to sign the request to validate the certificate; and use, by the client service in conjunction with the computing device, the private key to sign a response to a request from the server to validate the certificate.

12. The computing device of claim 11, wherein the instructions further cause the processor to: display, by the client service, the list of certificates by using the public interface to instruct the certificate access and PIN manager to use the PIN to identify the certificates from a protected storage, to genera

Classifications

  • H04L63/083 (Primary)

    using passwords (cryptographic mechanisms or cryptographic arrangements for entity authentication using a predetermined code H04L9/3226) · CPC title

  • using certificates (cryptographic mechanisms or cryptographic arrangements for entity authentication involving certificates H04L9/3263) · CPC title

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US12549536B2 cover?
A method enables a user to bypass a pass code, such as personal identification number (PIN), when performing an authentication process between a client device and a gateway/broker of a virtual desktop infrastructure (VDI) provided by a virtualized computing environment. A customized operating system (OS) of the client device includes pre-installed certificates and keys that are used in the auth…
Who is the assignee on this patent?
Omnissa Llc
What technology area does this patent fall under?
Primary CPC classification H04L63/083. Mapped technology areas include Electricity.
When was this patent published?
Publication date Feb 10, 2026 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 12 related publications on this page (citations in our corpus or others sharing the same primary CPC).