Index: build/cackey_osx_build/Template_pmbuild/scripts/04pkcs11tokend-post.sh
==================================================================
--- build/cackey_osx_build/Template_pmbuild/scripts/04pkcs11tokend-post.sh
+++ build/cackey_osx_build/Template_pmbuild/scripts/04pkcs11tokend-post.sh
@@ -1,3 +1,8 @@
 #!/bin/bash
 chmod -R go+rX /Library/Security/tokend/PKCS11.tokend
 chown -R root:wheel /Library/Security/tokend/PKCS11.tokend
+
+# If on Sierra or newer, disable the pivtoken CryptoTokenKit
+if [ "`uname -r | cut -d '.' -f 1`" -ge "16" ]; then
+	security smartcards token -d com.apple.CryptoTokenKit.pivtoken
+fi

Index: build/cackey_osx_build/cackey_osx_uninstall.sh
==================================================================
--- build/cackey_osx_build/cackey_osx_uninstall.sh
+++ build/cackey_osx_build/cackey_osx_uninstall.sh
@@ -17,5 +17,11 @@
 # Forget about packages installed
 echo "Removing saved Mac OS X package information for CACKey..."
 for package in `pkgutil --pkgs | grep -i CACKey`; do
 	pkgutil --forget ${package}
 done
+
+# If on Sierra or newer, reenable the pivtoken CryptoTokenKit
+echo "Reenabling the builtin pivtoken CryptoTokenKit..."
+if [ "`uname -r | cut -d '.' -f 1`" -ge "16" ]; then
+	security smartcards token -e com.apple.CryptoTokenKit.pivtoken
+fi