Skip to main content
U.S. flag

An official website of the United States government

Dot gov

The .gov means it’s official.
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.


The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

Useful Tools

We are always collecting useful tools and links that will help you understand and use the Federal Public Key Infrastructure. The table below provides a list of useful tools.

Please consider contributing any of your favorite tools to this effort!

Tool Link Purpose/Use Audience
FPKI Graph FPKI Graph This is an interactive website that is updated weekly to display the hundreds of certification authorities that make up the FPKI and how they are connected. Program Managers; System Engineers
Card Conformance Tool (CCT) GitHub (External) The Card Conformance Tool (CCT) is a GSA managed Java tool which validates that Personal Identity Verification (PIV) and PIV-Interoperable (PIV-I) smart cards are compliant with key standards. PIV or PIV-I Issuers; System Engineers
Certificate Profile Conformance Tool (CPCT) Cert Conformance Tool (External) The Certificate Profile Conformance Tool (CPCT) is an application that analyzes certificates for conformance to a specified FPKI-defined profile. FPKI Certificate Issuers or Relying Parties; System Engineers
Certutil MSDN (External) Certutil.exe is a Microsoft Windows command-line utility that provides many uses, including exporting PIV certificates and validating certificates System Engineers
Personal Identify Verification (PIV) Cert Validator Tool PIV Tool (External) The PIV Certificate Validator is a website application hosted by It assists in verifying the certificates found on a PIV card. System Engineers
PKI Interoperability Test Tool (PITT) for Microsoft Windows Sourceforge (External) The PKI Interoperability Test Tool (PITT) is a utility intended for PKI integrators. It allows inspection and troubleshooting of certification path processing for a given PKI using both PKIF and Microsoft CAPI. It’s especially useful for identifying a portion of your PKI that may be causing performance problems. System Engineers External Certificate Transparency auditor used to find and audit TLS certificate issuances and issues. System Engineers
OpenSC Github (External) OpenSC provides a set of libraries and utilities to work with smart cards. Use OpenSC versions of 0.20.0 or greater to reduce website authentication errors related to TLS 1.3. System Engineers
NIST 85B (800-73-4) Test Tool NIST (External) Used to pull deep PIV contents when integrating PIV with various infrastructure components. System Engineers; FPKI Card Issuers
Treasury PIV Authentication Tester (TLS 1.3) External A tool from the U.S. Department of the Treasury, Bureau of the Fiscal Service used to test PIV authentication. Click on “log in” and follow the prompts for PIV. This tool will identify if your agency is impacted by TLS 1.3 break and inspect for Trusted Internet Connection (TIC). System Engineers; PIV Holders

An official website of the General Services Administration

Looking for U.S. government information and services?
Visit Edit this page