Steps to Install Code Signing Certificate in Your YubiKey

Install Code Signing Certificate in YubiKey

In our previous post, we have explained what is YubiKey, How to Generate Private Key and CSR Attestation with YubiKey Manager

Secure your Code Signing Certificate with YubiKey

Code Signing Certificates ensure the software’s integrity and authenticity. Whereas YubiKey is a hardware-based authentication device for code signing certificate security.

Once you receive your OV or EV code signing certificate, install it on your YubiKey. This is done using the YubiKey Manager tool. Keep following the steps below for better execution of the process:

Step 1: Open YubiKey Manager and go to Applications, then click PIV

Plugin YubiKey 5 NFC FIPS Series
YubiKey Manager Application PIV

Step 2: From there, select the Configure Certificates option. 

YubiKey PIV Manager Configure Certificates

Step 3: Choose the tab corresponding to the YubiKey slot where the key pair was generated.

YubiKey Manager Authentication

Step 4: In the next step, click on the Import button. 

Import

Step 5: Locate the file containing your end-entity certificate and select the Import option. 

Import CRT File

Step 6: Access the management key for your YubiKey, if prompted. Now, click OK

Enter YubiKey Management Key
  • Your YubiKey’s Default management key is 010203040506070801020304050607080102030405060708
  • Your YubiKey’s Default PIN is 123456

Step 7: Your YubiKey will now have the new EV code signing certificate installed there.

Collect EV code Signing Certificate

Step 8: You should also install the root and intermediate certificates on your YubiKey for absolute faith. Doing this will ensure that your digital signatures are trusted on all computers.

Recommended: Install the Root and Intermediate Certificates on your YubiKey

Congratulations! You have successfully installed the certificate on your YubiKey. This will allow you to confidently sign your code, knowing that a trusted source has verified it and that your YubiKey is secure.

Code Signing Tutorials

Cheap Code Signing Certificates

Prevent Code Tampering and Authenticate Code Integrity by Digitally Sign your Code with Trusted Code Signing Certificates.

Starting at Just $215.99/Year
Janki Mehta

Janki Mehta

Janki Mehta is a Cyber-Security Enthusiast who constantly updates herself with new advancements in the Web/Cyber Security niche. Along with theoretical knowledge, she also implements her practical expertise in day-to-day tasks and helps others to protect themselves from threats.