This article covers configuring Firefox on Windows for use with the YubiKey's PIV smart card application. This article assumes Firefox is already installed.
First, download and install the Yubico PIV Tool from this page. Make sure to choose an installer based on whether you have 32 or 64-bit Firefox installed; this will not always match your OS.
After installing, the Yubico PIV Tool\bin directory needs to be added to the system path in order for other applications to be able to load the PKCS #11 module it contains (YKCS11). This is because libykcs11.dll is dynamically linked to libykpiv.dll and libcrypto-1_1.dll, and both of them need to be accessible for YKCS11 to be useful.
On Windows 10, setting the system path is done by following these steps:
- Open the Control Panel and select System and Security → System → Advanced System Settings.
- Click Environment Variables…
- Under System variables, select Path and click Edit…
- Click New and add the absolute path to the Yubico PIV Tool\bin directory. The default locations are:
- for x64 - C:\Program Files\Yubico\Yubico PIV Tool\bin
- for x86 - C:\Program Files (x86)\Yubico\Yubico PIV Tool\bin
- Click OK to confirm your changes in all windows, then reboot your system so the changes will take effect.
Once the system path variable has been updated and your computer rebooted, follow the instructions below to configure Firefox to load ykcs11.
- With the Firefox window active, press Alt, T, then S, one at a time. Alternatively, from the Firefox taskbar, click the three bar menu button, and then click Settings.
- Click the Privacy & Security menu from the left-hand navigation.
- Scroll down until you see the Certificates heading, then click Security Devices.
- At the Device Manager window, click the Load button and enter this module name: Yubico YKCS11 Module.
- Click Browse..., browse to the Yubico PIV Tool\bin directory, and double-click the file libykcs11.dll. The default locations are:
- for x64 - C:\Program Files\Yubico\Yubico PIV Tool\bin
- for x86 - C:\Program Files (x86)\Yubico\Yubico PIV Tool\bin
- Click OK in the load popup and Device Manager window to confirm your changes.
- Close and reopen Firefox, insert your YubiKey and reopen Security Devices to ensure the YubiKey is loaded.