diff --git a/.github/workflows/e2e-tests.yml b/.github/workflows/e2e-tests.yml
index cbc1b6512da..595d7ed1f0e 100644
--- a/.github/workflows/e2e-tests.yml
+++ b/.github/workflows/e2e-tests.yml
@@ -31,6 +31,9 @@ on:
   pull_request:
   workflow_dispatch:
 
+env:
+  GO_VERSION: '1.21'
+
 jobs:
   e2e-secrets:
     strategy:
@@ -73,3 +76,17 @@ jobs:
       - name: Run e2e_signblob_tsa_mtls.sh
         shell: bash
         run: make && PATH="$PWD:$PATH" ./test/e2e_signblob_tsa_mtls.sh
+
+  e2e-test-pkcs11:
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+      - uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
+        with:
+          go-version: ${{ env.GO_VERSION }}
+          check-latest: true
+
+      - name: Run pkcs11 end-to-end tests
+        shell: bash
+        run: ./test/e2e_test_pkcs11.sh
diff --git a/test/e2e_test_pkcs11.sh b/test/e2e_test_pkcs11.sh
new file mode 100755
index 00000000000..7ea933513fa
--- /dev/null
+++ b/test/e2e_test_pkcs11.sh
@@ -0,0 +1,42 @@
+#!/usr/bin/env bash
+
+# Copyright 2024 The Sigstore Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+set -o errexit
+set -o nounset
+set -o pipefail
+
+# Test pkcs11 token signing
+CONTAINER_ID=$(docker run -dit --name softhsm -v $(pwd):/root/cosign -p 2345:2345 vegardit/softhsm2-pkcs11-proxy@sha256:557a65d2a14e3986f2389d36ddce75609cbd8fb7ee6cf08a78adcc8236c2a80e)
+
+docker exec -i $CONTAINER_ID /bin/bash << 'EOF'
+
+apk update
+
+# add make pcsc-lite-libs go command
+apk add make build-base go
+
+cd /root/cosign
+
+softhsm2-util --init-token --free --label "My Token" --pin 1234 --so-pin 1234
+go test -v -cover -coverprofile=./cover.out -tags=softhsm,pkcs11key -coverpkg github.com/sigstore/cosign/v2/pkg/cosign/pkcs11key test/pkcs11_test.go
+
+EOF
+
+cleanup_pkcs11() {
+    docker rm -f $CONTAINER_ID
+}
+
+trap cleanup_pkcs11 EXIT