Yubico Forum https://forum.yubico.com/ |
|
[solved] - How issue a certificate onto to the yubikey 4? https://forum.yubico.com/viewtopic.php?f=35&t=2425 |
Page 1 of 1 |
Author: | pkiguy78 [ Thu Sep 15, 2016 11:41 am ] |
Post subject: | [solved] - How issue a certificate onto to the yubikey 4? |
How do i issue a certificate onto to the yubikey 4 (without importing)? test env: windows server 2016 servers - DC & ADCS CA. Windows 10 version 1607 (OS build 14393.0) all machines are in a single AD domain. YubiKey PIV manager - version 1.3.0. Library version ykpiv 1.4.2 I've read all the supporting documents, followed the instructions and still cannot get a certificate issued to the YubiKey 4. Using PIV manager, it doesn't not recognise the user "is connected to a MS CA". The option to choose the MS CA doesn't appear. the win10 machine is connected to the domain. This error occurs is the user is a regular Domain user and a Domain Administrator. using the "certificates" msc console. the YubiKey appears as read-only smart card. so the certificate can't be written to the YubiKey 4. Any help is much appreciated. |
Author: | ChrisHalos [ Thu Sep 15, 2016 4:37 pm ] |
Post subject: | Re: [Question] - How issue a certificate onto to the yubikey |
There was a post about this about a week ago - viewtopic.php?f=30&t=2412 Short answer - use 1.2.1 until 1.4.0 is released (likely early next week prior to the public macOS Sierra launch) - https://developers.yubico.com/yubikey-p ... Notes.html |
Author: | pkiguy78 [ Thu Sep 15, 2016 6:38 pm ] |
Post subject: | Re: [Question] - How issue a certificate onto to the yubikey |
Thanks. I've started using PIV-manager v1.2.1 I can now submit the CSR to the windows CA, however there's now more errors. After removing and reinserting the YubiKey 4 the PIV application locked itself out. this has happened to 2 keys so far. is there an easy way to unlock/reset/reset the YubiKey 4 so that it's PIV-enabled again using windows? the yubico-piv-tool look like it's only for linux. |
Author: | ChrisHalos [ Thu Sep 15, 2016 11:24 pm ] |
Post subject: | Re: [Question] - How issue a certificate onto to the yubikey |
Yubico PIV Tool is available for OS X and Windows as well: https://developers.yubico.com/yubico-piv-tool/Releases/ The difference is that you don't install it, you use Terminal (OS X) or Command Prompt (Windows), change directory to the folder's bin directory, and run the commands from there. The PIV applet can also be reset from YubiKey PIV Manager (Manage device PINs) - lock out the PIN and PUK (this is already locked if you used the default options when initializing the applet with YubiKey PIV Manager), and then reset. |
Author: | pkiguy78 [ Fri Sep 16, 2016 9:08 am ] |
Post subject: | Re: [Question] - How issue a certificate onto to the yubikey |
Thanks again. Very late last night I found the windows version after i had installed the Linux version using "bash for Ubuntu on win 10". |
Page 1 of 1 | All times are UTC + 1 hour |
Powered by phpBB® Forum Software © phpBB Group https://www.phpbb.com/ |