We are always collecting useful tools and links that will help you understand and use the Federal Public Key Infrastructure. The table below provides a list of useful tools.
Please consider contributing any of your favorite tools to this effort!
|FPKI Graph||FPKI Graph||This is an interactive website that is updated weekly to display the hundreds of certification authorities that make up the FPKI and how they are connected.||Program Managers; System Engineers|
|Card Conformance Tool (CCT)||GitHub (External)||The Card Conformance Tool (CCT) is a GSA managed Java tool which validates that Personal Identity Verification (PIV) and PIV-Interoperable (PIV-I) smart cards are compliant with key standards.||PIV or PIV-I Issuers; System Engineers|
|Certificate Profile Conformance Tool (CPCT)||Cert Conformance Tool (External)||The Certificate Profile Conformance Tool (CPCT) is a web site application that analyzes certificates for conformance to a specified FPKI-defined profile.||FPKI Certificate Issuers or Relying Parties; System Engineers|
|Certutil||MSDN (External)||Certutil.exe is a Microsoft Windows command-line utility that provides many uses including exporting PIV certificates and validating certificates Example of using the certutil command to verify PIV certificates||System Engineers|
|Personal Identify Verification (PIV) Cert Validator Tool||Max.gov PIV Tool (External)||The PIV Certificate Validator is a web site application hosted by Max.gov. It assists in verifying the certificates found on a PIV card.||System Engineers|
|PKI Interoperability Test Tool (PITT) for Microsoft Windows||Sourceforge (External)||The PKI Interoperability Test Tool (PITT) is a utility intended for PKI integrators. It allows inspection and troubleshooting of certification path processing for a given PKI using both PKIF and Microsoft CAPI. It’s especially useful for identifying a portion of your PKI that may be causing performance problems.||System Engineers|
|FPKI CRL Miner||GitHub (External)||A work in progress Open Source GitHub repository to validate all HTTP CRL URLs for the Federal PKI.||System Engineers|