Web Analytics

Time needed: 15 minutes

A FIPS 140-2 validated security key USB token with an installed SSL.com EV Code Signing or Business Identity certificate will have its PIN blocked after three unsuccessful attempts to enter it. When the PIN is blocked, it is impossible to use your YubiKey to sign code or document files. If this has happened to you, here’s how to reset the PIN and start over.

  1. Download and Install YubiKey Manager.

    YubiKey Manager is Yubico’s configuration tool for Windows, macOS, and Linux. Navigate to the YubiKey Manager download page, download the installer for your OS, and install the software.

    YubiKey Manager download page

  2. Retrieve your PUK.

    Log into your SSL.com user account and retrieve the PIN unlock key (PUK) from the order. For instructions on viewing your YubiKey’s PUK, please refer to this how-to. Note that the PUK is labeled the “Admin PIN” in SSL.com’s user portal.
    serial number, PIN and PUK

  3. Insert YubiKey and launch YubiKey Manager.

    Insert the YubiKey into your computer and launch the YubiKey Manager application. YubiKey Manager should display your YubiKey’s model and serial number.

    YubiKey Manager

  4. Select the PIV application.

    Select Applications > PIV from the YubiKey menu.

    Applications > PIV

  5. Click the “Configure PINs” button.

    Click the Configure PINs button, located under the PIN Management heading.

    Configure PINs

  6. Click Unblock PIN button.

    YubiKey Manager will let you know if the PIN is blocked. Click the Unblock PIN button.

    Unblock PIN

  7. Enter PUK and new PIN.

    Enter your PUK, then create and confirm a new PIN of at least 7 characters. When you are finished, click the Unblock PIN button.
    Enter PUK and new PIN

  8. Finished!

    Your PIN is now unblocked and you can go back to signing files. Note that the Unblock PIN button has changed to Change PIN.
    PIN reset

Thank you for choosing SSL.com! If you have any questions, please contact us by email at Support@SSL.com, call 1-877-SSL-SECURE, or just click the chat link at the bottom right of this page. You can also find answers to many common support questions in our knowledgebase.

Subscribe To SSL.com’s Newsletter

Don’t miss new articles and updates from SSL.com

Stay Informed and Secure

SSL.com is a global leader in cybersecurity, PKI and digital certificates. Sign up to receive the latest industry news, tips, and product announcements from SSL.com and stay informed of the latest changes about digital identity and encryption that can impact and enhance your life.

We’d love your feedback

Take our survey and let us know your thoughts on your recent purchase.