The PIN and Management Key will be needed to configure each certificate.

Go back to Applications and then PIV
1. Click on Configure Certificates
2. Click on Authentication (Slot 9a) and then Generate
  
  Authentication (Slot 9a) and Key Management (Slot 9d) can be used if more than 1 cert is needed (ala -admin)
3. Check the radio for Self-signed Certificate and then click Next
4. Select RSA2048 and then click on Next
5. Input a decent subject text (ala username) and then click on Next
6. Input a reasonable expiration time
  
  Current implementation does not care about expiration, so have fun with the date.
  For example, I chose my expected retirement date (not reflected in the picture below).
7. The next page gives you a summary of what you've done. Click Generate whenever you are ready.
8. You should then see the certificate in the slot you specified
Once complete, remove and re-insert the YubiKey for the certificate to be seen (specifically in Windows).

Browser not supported