New Setup
- Run the YubiKey Manager application and insert your key
- Click on on Applications and then click on PIV
Change PIN if YubiKey is fresh out of the box or it's been defaulted
Note skip to (II. Determine Which Certificate Is Right For Me?to Use) if YubiKey is already initialized
- Click on Configure PINs
Note The PIN used to unlock and utilize the certificates on the YubiKey. You will have 3 tries to input the correct PIN.
Click Change PIN and then check Use default (if it is default).
Choose a PIN between 6 - 8 characters.
Finish with changing PIN by clicking on Change PIN
Note The PIN PUK is used to unlock and utilize the certificates on the YubiKeyunblock the PIN if it becomes locked. You will have have 3 tries to input unblock the correct PIN.
Click on Change PUK and then check Use default (if it is default).
Choose a PUK between 6 - 8 characters.
Finish with changing PUK by clicking on Change PUK
Note The PUK is used to unblock the PIN if it becomes locked. You will have 3 tries to unblock the PIN.
Management Key is utilized for all PIV operations on the YubiKey. This will be needed when generating new certificates.
This will be needed in the next section.
You should store this in a secure repository.Warning The Management Key is needed in creating a certificate.
The Management Key is longer than what is visible. It should be 64 characters long.
You need to store this in a secure repository.
Click on Change Management Key and then check Use default (if it is default).
Click on Generate a few times to randomly create a new management key.
Choose AES256 as Algorithm.
Finish with changing the key by clicking on FinishNote
You should store this in a secure repository.
- Click on Configure PINs