Steps to Install Code Signing Certificate in Your YubiKey
In our previous post, we have explained what is YubiKey, How to Generate Private Key and CSR Attestation with YubiKey Manager
Once you receive your OV or EV code signing certificate, install it on your YubiKey. This is done using the YubiKey Manager tool. Keep following the steps below for better execution of the process:
Step 1: Open YubiKey Manager and go to Applications, then click PIV.
Step 2: From there, select the Configure Certificates option.
Step 3: Choose the tab corresponding to the YubiKey slot where the key pair was generated.
Step 4: In the next step, click on the Import button.
Step 5: Locate the file containing your end-entity certificate and select the Import option.
Step 6: Access the management key for your YubiKey, if prompted. Now, click OK.
- Your YubiKey’s Default management key is 010203040506070801020304050607080102030405060708
- Your YubiKey’s Default PIN is 123456
Step 7: Your YubiKey will now have the new EV code signing certificate installed there.
Step 8: For absolute faith, you should also install the root and intermediate certificates on your YubiKey. Doing this will ensure that your digital signatures are trusted on all computers.
Recommended: Install the Root and Intermediate Certificates on your YubiKey
Congratulations! You have successfully installed the certificate on your YubiKey. This will allow you to confidently sign your code, knowing that a trusted source has verified it and that your YubiKey is secure.
