Skip to main content
U.S. flag

An official website of the United States government

Dot gov

The .gov means it’s official.
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.

Https

The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

GSA Certificate Profile Conformance Tool

Last Update: April 22, 2021

The Certificate Profile Conformance Tool (CPCT) is a website application hosted on Cloud.gov that supports FPKI annual reviews and compliance by analyzing public X.509 certificates for conformance to a specified FPKI profile:

  • Common Policy SSP Program
  • FPKI/Federal Bridge
  • PIV-Interoperable (PIV-I)

In conjunction with the Card Conformance Tool (CCT), the CPCT enables FPKI stakeholders to perform remote testing. To request an official report on your CPCT and CCT results, fill out the Annual PIV Credential Issuer (PCI) Testing Application Form and send it with outputs and testing artifacts to fips201ep at gsa.gov.

The CPCT can improve the detection of certificate profile issues during FPKI development and maintenance phases.

For more information about the CPCT, see the following resources: