Configure Touch Policy

This policy setting configures the list of certificate slots to show the Touch Policy setting for.

If you enable this policy setting, the option to choose the touch policy will be shown for the selected slots. These values are supported:
9a - Authentication
9c - Digital Signature
9d - Key Management
9e - Card Authentication

If you also select the "Always require touch on the slots above" option, the YubiKey will always require its button to be touched to perform any action with the private keys of the slots specified.

If you disable or do not configure this policy setting, the options will be hidden in the UI and the default slot-specific touch policies will be used.


Supported on: At least Windows Vista


Registry HiveHKEY_CURRENT_USER
Registry PathSoftware\Yubico\YubiKey PIV Manager
Value Nametouch_policy_slots
Value TypeREG_MULTI_SZ
Default Value
Always require touch on the slots above
Registry HiveHKEY_CURRENT_USER
Registry PathSoftware\Yubico\YubiKey PIV Manager
Value Nametouch_policy
Value TypeREG_SZ
Default Value
True Valuetrue
False Value

yubikey.admx