🟣slot_9e.cnf
Certreq config template for Yubikey's PIV 9E Slot (Card Authentication).
The template below is just an example of how you can populate slot 9E. You can populate your PIV slots with whatever you deem appropriate.
This certificate and its associated private key is used to support additional physical access applications, such as providing physical access to buildings via PIV-enabled door locks. The following template creates a certificate for Bitlocker Encryption / EFS.
The difference between using slot 9D and 9E for encryption is that each slot has different PIN policies in place. You can manually change the pin policies for a slot if you import the PIV certificate using ykman. Currently, the Yubikey Manager does not allow PIN policies to be modified.
SLOT | PIN Policy |
---|---|
| The end user PIN is required to perform any private key operations. Once the PIN has been provided successfully, multiple private key operations may be performed without additional cardholder consent. |
| The end user PIN is NOT required to perform private key operations for this slot. |
CREATE FILE
EXAMPLE CONFIG
Last updated