Smart Card Certificate Provisioning with Yubico Authenticator

Now that your smart card certificates have been imported onto your YubiKey, you must provision the public portion of the certificates onto your iOS Keychain through Yubico Authenticator. After completing this step, you will be able to use the Smart Card on iOS feature to autheticate to the websites that require those smart card certificates on the Safari browser.

Provision Your Public Certificate

  1. If you haven’t already, download and install the Yubico Authenticator application onto your iOS device.

  2. Open Yubico Authenticator.

  3. On the home screen of Yubico Authenticator, click on the three dots (…) in the upper right corner of the screen and select Configuration.

    _images/configuration.png
  4. On the Configuration screen, select Setup smart card (PIV).

  5. Insert your YubiKey into your device. If you are using a YubiKey with NFC capabilities, scan your key.

  6. Once your YubiKey has been detected by the app, all certificates stored on your YubiKey will appear under CERTIFICATES ON YUBIKEY. To provision the public certificate from one of your PIV application slots to your iOS Keychain, click the appropriate (+) icon.

  7. If the provisioning was successful, the name of your certificate will appear under PUBLIC KEY CERTIFICATES ON IPHONE. You may remove certificates from your iOS Keychain at any time by clicking the () icon next to the certificate name.

    _images/add-certificate.png

Next Steps

Congratulations! Your public certificate has been provisioned to your iOS device, and you are now ready to authenticate to the website requiring that smart card certificate on Safari. See Authenticating with Smart Card on iOS for guidance.