This guide covers the code signing installation process for YubiKey 5 FIPS HSM devices. You must have generated your code signing Certificate Signing Request (CSR) on your YubiKey 5 FIPS HSM to follow this process.
You will receive your code signing certificate from Sectigo after the validation process is completed and the certificate is issued. Follow these steps to install the code signing certificate on your YubiKey 5 FIPS HSM device.
Install Code Signing on YubiKey 5 FIPS HSM
1. Launch YubiKey Manager and navigate to Applications > PIV.
2. Click Configure Certificates.
3. Select the Authentication tab for the same YubiKey slot where you generated the key pair (our CSR generation instructions recommended Slot 9a)
4. Click Import.
5. Navigate to the directory where you saved the code signing certificate file you received from Sectigo and click Import.
6. Enter your YubiKey 5 FIPS device's management key and click OK.
7. Enter your YubiKey 5 FIPS device's PIN and click OK.
You may also wish to install the code signing certificate's intermediate and root certificates as provided by Sectigo to ensure the complete chain of trust applies to your digital signatures across all computers.