en English
X

Select Language

Powered by Google TranslateTranslate

We hope you will find the Google translation service helpful, but we don’t promise that Google’s translation will be accurate or complete. You should not rely on Google’s translation. English is the official language of our site.

en English
X

Select Language

Powered by Google TranslateTranslate

We hope you will find the Google translation service helpful, but we don’t promise that Google’s translation will be accurate or complete. You should not rely on Google’s translation. English is the official language of our site.

Configuring Your Business Identity Document Signing Certificate and YubiKey with Adobe Acrobat on macOS

Time needed: 20 minutes.

Before you can start using your Business Identity certificate to sign PDFs with Adobe Acrobat or Acrobat Reader on macOS, you will need to install and configure Yubico’s PKCS#11 module so that Acrobat can communicate with your YubiKey FIPS token. This how-to will guide you through the process.

  1. Download the Yubico PIV tool for macOS.

    Navigate to the Yubico PIV tool releases page and download the most recent version for macOS. The filename will end with mac.zip.
    PIV tool download page

  2. Unzip PIV tool.

    Unzip the PIV tool folder and put it somewhere you will remember it (like your macOS home directory).
    yubico PIV tool directory

  3. Open Acrobat preferences.

    Open Acrobat Pro or Acrobat Reader, then open the application preferences from the menu.
    Preferences

  4. Navigate to Identities & Trusted Certificates.

    Select Signatures from the left-hand Categories pane, then click the More… button under Identities & Trusted Certificates.
    Identities & Trusted Certificates

  5. Attach module.

    Select PKCS#11 Modules and Tokens in the left-hand pane, then click Attach Module.
    Attach Module

  6. Enter module path.

    Enter the path to /lib/libykcs11.dylib in the downloaded PIV tool folder. Since in this example we installed it in our home directory, the path will be entered as /Users/YOUR-USERNAME/yubico-piv-tool-2.0.0-mac/lib/libykcs11.dylib. (Replace YOUR-USERNAME with your actual macOS username). After you have entered the path, click the OK button.
    Locate a PKCS#11 Module

  7. Login to YubiKey.

    Click the > symbol to the left of PKCS#11 Modules and Tokens, then click PKCS#11 PIV Library. If your token shows a status of Logged out, click Login. (Note that the Login button may not appear until you roll your mouse off of PKCS#11 PIV Library.)
    Login

  8. Enter PIN.

    Enter your YubiKey PIN in the Password field, then click the OK button.
    Enter PIN

  9. Select certificate.

    Select YubiKey PIV #[serial number] from the left-hand pane, then select the certificate you want to use for signing. You can see that this certificate is intended for document signing in Acrobat from the information shown under Intended usage when the certificate is selected.
    Select certificate

  10. Set certificate usages.

    Select Use for Signing from the Usage Options drop-down menu. If you also wish to use the certificate to certify PDFs, open the menu again and select Use for Certifying as well (both items will be shown as checked when you are finished).
    Usage Options

  11. Close preferences.

    Click the Close button to close the settings window, then the OK button to close the Acrobat preferences.
    Close window

  12. Start signing documents.

    You’re all ready to start signing PDFs! Please refer to this how-to for general instructions for signing documents in Acrobat and Acrobat Reader. If you get an error message the first time you attempt to sign a document after setting up your YubiKey, we suggest restarting Acrobat before trying again. If you have any additional questions, please contact us by email at Support@SSL.com, call 1-877-SSL-SECURE, or just click the chat link at the bottom right of this page. You can also find answers to many common support questions in our knowledgebase.
    Signed document

SSL.com’s Business Identity certificates offer secure S/MIME email protection, trusted digital signatures for Adobe PDF and Microsoft Office documents, and PKI-based client authentication, all for as low as $249.67 per year. They are delivered on secure YubiKey FIPS USB tokens with two-factor authentication.

ORDER NOW

Related How Tos

Subscribe to SSL.com’s Newsletter

What is SSL/TLS?

Play Video

Subscribe to SSL.com’s Newsletter

Don’t miss new articles and updates from SSL.com