DEV Community

Anna Shipman
Anna Shipman

Posted on

How to Install Code Signing Certificate in YubiKey?

yubikey-codesigning-certificate-installation
All of us are aware of the YubiKey hardware device that offers encryption and safe authentication of stored data, as well as the creation and management of public and private keys, preventing unauthorized personnel from accessing the key or the certificate details stored in the device.

Also, the YubiKey device can be used in multiple processes like Key generation and CSR attestation, which are primary tasks required for obtaining code signing certificate using the YubiKey Manager tool.

After you receive your OV or EV code signing certificate successfully, the next step is installing your code signing certificate on the YubiKey device using the same YubiKey Manager tool.

Hence, let's glance through an easy-to-follow tutorial enabling you to install your code signing certificate on the YubiKey without any hassles.

Step 1

To begin with, Open the YubiKey Manager tool which you have downloaded from Yubico's website and installed on your system.

Step 2

Once your YubiKey tool is open, go to Applications and select PIV from the drop down list.

yubikey-tool-step-2

Step 3

On the PIV section, select the Configure Certificates option, as shown in the middle of the below image.

yubikey-tool-step-3

Step 4

After completing the Step 3, you are required to choose the tab corresponding to the YubiKey slot where the key pair was generated for authentication.

yubikey-tool-step-4

Step 5

Now, please click on the Import Button

yubikey-tool-step-5

Step 6

In Step 6, on the Import Window, you need to locate the file containing your end-entity certificate or your code signing certificate and click on the Import button.

yubikey-tool-step-6

Step 7

If prompted, access the management key for your YubiKey, followed by clicking the OK Button (as per the below image).

yubikey-tool-step-7

Step 8

On successful completion of Step 7, your YubiKey will have installed your new code signing certificate there, as shown in the below image.

yubikey-tool-step-8
Moreover, in this last step of the certificate installation process, you must also install all the root and intermediate certificates on the YubiKey, which ensures your digital signatures are trusted on all the computer systems.

Conclusion

To conclude, following each step in the ascending order and completing the aforesaid 8-Step Process will enable successful installation of your issued code signing certificate on the YubiKey allowing you to digitally code sign, whereby a trusted source has verified the signature and that your YubiKey is secure.

Top comments (0)