Choose “Personal Info Exchange (.p12)” format. Then, select the entry and hit ⇧⌘E (Shift-Command-E) to export the item. You now should have the certificate and the corresponding private key listed in the Keychain Access app, like this: Head over to the IST website and generate a certificate. The first part describes how to install (import) a certificate on Yubikey, taking the MIT certificate as an example.
The first part describes how to install a certificate on Yubikey, and the second part discusses about the support of Smart Card on latest macOS releases. Previously I had a post on how to install MIT certificate on Yubikey, so I decided to update that post and add some up-to-date information. PIV Smart Card support on macOS has changed a lot (for the better) in the past several years, and many tutorials/documentations on the internet are no longer relevant, even the ones maintained by Yubico. So I spent some time figuring out how to install a certificate on it and use that to log in to MIT websites on macOS. Fortunately, I have a Yubikey on my keyring which happens to provide PIV Smart Card functionality.
Personally I regard this method as superior to traditional password-based authentication, but sometimes I need to log in on a new machine and it is neither convenient nor secure to install certificate on every machine that I may use.
MIT uses certificates to authenticate users. Index A Contemporary Overview of Smart Card Support on macOS Why Smart Card?
0 kommentar(er)
