Skip to main content
U.S. flag

An official website of the United States government

Dot gov

The .gov means it’s official.
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.


The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

Pardon our Dust.

Welcome to the new site for Federal Identity, Credential, and Access Management (FICAM) Playbooks! We are consolidating all existing FICAM and Federal Public Key Infrastructure (FPKI) playbooks to this new page to help you find answers and content faster. Please bookmark this URL for future reference.

Useful Tools

We are always collecting useful tools and links that will help you understand and use the Federal Public Key Infrastructure. The table below provides a list of useful tools.

Please consider contributing any of your favorite tools to this effort!

Tool Link Purpose/Use Audience
FPKI Graph This is an interactive website that is updated weekly to display the hundreds of certification authorities that make up the FPKI and how they are connected. Program Managers; System Engineers
Certutil MSDN Link Certutil.exe is a Microsoft Windows command-line utility that provides many uses including exporting PIV certificates and validating certificates Example of using the certutil command to verify PIV certificates System Engineers
Personal Identify Verification (PIV) Cert Validator Tool The PIV Certificate Validator is a web site application hosted by It assists in verifying the certificates found on a PIV card. System Engineers
PKI Interoperability Test Tool (PITT) for Microsoft Windows The PKI Interoperability Test Tool (PITT) is a utility intended for PKI integrators. It allows inspection and troubleshooting of certification path processing for a given PKI using both PKIF and Microsoft CAPI. It’s especially useful for identifying a portion of your PKI that may be causing performance problems. System Engineers
FPKI CRL Miner GitHub Link A work in progress Open Source GitHub repository to validate all HTTP CRL URLs for the Federal PKI. System Engineers