diff --git a/signer/api/ecdsa_hardware_crypto_service.go b/signer/api/ecdsa_hardware_crypto_service.go
index 75aa5bf9df..5439e05b7e 100644
--- a/signer/api/ecdsa_hardware_crypto_service.go
+++ b/signer/api/ecdsa_hardware_crypto_service.go
@@ -514,7 +514,14 @@ func (s *YubiKeyStore) AddKey(keyID, role string, privKey data.PrivateKey) error
 		return err
 	}
 	logrus.Debugf("Using yubikey slot %v", slot)
-	return addECDSAKey(ctx, session, privKey, slot, s.passRetriever, role)
+	err = addECDSAKey(ctx, session, privKey, slot, s.passRetriever, role)
+	if err == nil {
+		s.keys[privKey.ID()] = yubiSlot{
+			role:   role,
+			slotID: slot,
+		}
+	}
+	return err
 }
 
 func (s *YubiKeyStore) GetKey(keyID string) (data.PrivateKey, string, error) {