Page Comparison

Overview

This process outlines how to attest the certificates on the Yubikey with the Yubico provided certifcate in slot f9.

Prerequisites

• YubiKey 4 and newer
• Yubikey Manager
  • Download direct from Yubico: https://www.yubico.com/support/download/yubikey-manager/#h-downloads
  • Windows
    • https://developers.yubico.com/yubikey-manager-qt/Releases/yubikey-manager-qt-latest-win64.exe
  • Mac
    • https://developers.yubico.com/yubikey-manager-qt/Releases/yubikey-manager-qt-latest-mac.pkg
  • Linux
    
    • Src - https://developers.yubico.com/yubikey-manager-qt/Releases/yubikey-manager-qt-latest.tar.gz

Process

Attestation

1. Install Yubikey Manager.

   Expand
   title Linux
   You should install yubikey-manager from your package manager. RHEL: You may also need to install EPEL

   
   

2. Insert YubiKey
   
   

3. Open a Terminal (Linux/Mac) or PowerShell (Windows).

   Expand
   title Windows
   Windows: Run the following to adding the Yubikey Manager cli tools to environment PATH Note Note: you must close and re-open your terminal for these to be picked up Code Block #Machine Wide (must be run with Administrative priviliges) $newPath = "$env:ProgramFiles\Yubico\Yubikey Manager;" + [Environment]::GetEnvironmentVariable("PATH", [EnvironmentVariableTarget]::Machine) [Environment]::SetEnvironmentVariable("PATH", $newPath, [EnvironmentVariableTarget]::Machine) #User Level $newPath = "$env:ProgramFiles\Yubico\Yubikey Manager;" + [Environment]::GetEnvironmentVariable("PATH", [EnvironmentVariableTarget]::User) [Environment]::SetEnvironmentVariable("PATH", $newPath, [EnvironmentVariableTarget]::User)

   
   

4. Run the following command to attest the certificate in slot 9a

   Code Block
   ykman piv keys attest 9a <path to save attested certificate>

   
   

5. Upload <path to save attested certificate> to appropriate location/persons.
   Maybe This (TBD)