The .gov means it’s official.
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.

The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

GSA Certificate Profile Conformance Tool

Last Update: April 22, 2021

The Certificate Profile Conformance Tool (CPCT) is a website application hosted on Cloud.gov that supports FPKI annual reviews and compliance by analyzing public X.509 certificates for conformance to a specified FPKI profile:

Common Policy SSP Program
FPKI/Federal Bridge
PIV-Interoperable (PIV-I)

In conjunction with the Card Conformance Tool (CCT), the CPCT enables FPKI stakeholders to perform remote testing. To request an official report on your CPCT and CCT results, fill out the Annual PIV Credential Issuer (PCI) Testing Application Form and send it with outputs and testing artifacts to fips201ep at gsa.gov.

The CPCT can improve the detection of certificate profile issues during FPKI development and maintenance phases.

For more information about the CPCT, see the following resources:

URL: https://cpct.app.cloud.gov/
Support page: https://cpct.app.cloud.gov/help/

Return to top

Looking for U.S. government information and services?

Visit USA.gov

This site is a collaboration between GSA and the Federal CIO Council. It is managed by the Identity Assurance and Trusted Access Division in the GSA Office of Government-wide Policy.

Edit this page