Digicert Certificate Utility – SSL Installation Checker

Digicert Certificate Utility - SSL Installation CheckerThe Digicert Certificate Utility – Certificate Installation Checker allows you to perform an SSL handshake with a local or remote SSL socket (https, pop3s, imaps, ldaps, etc.) and then show you what certificate, and chain that is currently bound to that application returning to its clients.

This is useful for troubleshooting intermediate certificate issues, errors with certificates on websites, figuring out what certificates are bound to websites/applications/IP’s,  etc.. for both Internal and External Networks. 

To download the Digicert Certificate utility for Windows perform the following.


Downloading and Installing The Digicert Certificate Utility.

  1. On your Windows server or workstation, download and save the Digicert Certificate Utility for Windows executable (DigiCertUtil.exe).
  2. Run the Digicert Certificate Utility for Windows by Double-click DigiCertUtil.

Congrats you have downloaded and installed the Digicert Certificate Utility.


To check a website or IP address’s SSL Certificate perform the following:

  1. Run the Digicert Certificate Utility for Windows (double-click DigiCertUtil).
  2. Click Tools.
  3. Under Certificate Installation Checker, click Check Install.
    Digicert Certificate Utility - SSL Installation Checker
  4. In the Certificate Installation Checker pop up specify the following:
    1. Server Address: The fully qualified name of the website or IP address.
    2. Port Number: Specify the port. Usually SSL encryption runs on default portal 443 or 8443, yet your environment may differ.
    3. SSL TLS mode: Leave at default.
  5. Click Query Server.
    You Certificate Checker will pull up a list of information regarding the current certificate found on that website. You should see an SSL certificate and any subsequent chain intermediates radiating from the website you just queried.
    Digicert Certificate Utility - SSL Installation Checker

The Certificate Checker is good at pointing out if what certificates are installed on what system.  If I specified in the Server Address www.Ametek.com yet the Certificate list returned from the server came back with a certificate issued to www.localhost/ssl then the wrong certificate must be bound to that website.

Note: Some certificates have SAN or wildcards meaning that a certificate can work for multiple websites. You can double-click on each certificate in the results to view more details about the certificates that are currently bound to the Server.

Recent Posts

S/MIME for Outlook O365 Windows

Add to Favorites S/MIME Advantages of S/MIME Certificates S/MIME (Secure/Multipurpose Internet Mail Extensions) certificates offer several advantages when it comes to securing email communications. Here

Read More »

Abbreviations

Add to Favorites There are literally thousands of IT abbreviations out there. Many are concerned with the technical aspects of the computer, while others deal

Read More »

SSL Installation on Qmail

Add to Favorites SSL Installation on Qmail Qmail is a secure, reliable, efficient, simple message transfer agent. It is designed for typical Internet-connected UNIX hosts.

Read More »