Direct Certificate Discovery Tool

The Direct Certificate Discovery Tool (DCDT) was created to support automated testing of systems that plan to enact the Certificate Discovery and Provider Directory Implementation Guide, approved as normative specification by the Direct community, as of July 9, 2012. It is based on the written test package and requirement traceability matrix created by the Modular Specifications project under the direction of the Assistant Secretary for Technology Policy (ASTP) and National Institute of Standards and Technology (NIST).

Overview

The tool is divided into two main testing areas:

  • Hosting allows a System Under Test (SUT) to verify that their certificates are hosted correctly, and discoverable by other Direct implementations.

  • Discovery allows a SUT to verify that they can discover certificates in other Direct implementations by using them to send Direct messages.

Get information on how to report bugs, seek technical support, or contact our customer service team.
Hosting - Verify your certificate can be discovered

Directions

  • Determine the required test cases for your SUT (System Under Test). Notice that there are two options for storage of address-bound and domain-bound certificates.

  • Select a test case that reflects the SUT from the dropdown.

  • Read the Description and Instructions for the selected test case. Then enter the Direct address and submit. Your SUT configuration may require that you select more than one test case. If so, then select one test case at a time, following the instructions to execute the test after each selection.

Discover DCDT's Certificates

Directions

  • Download the Testing Tool's trust anchor. Download Trust Anchor

  • Upload the anchor to your Direct instance. This will allow you to send messages to our tool.

  • Using the form below, map the Direct email address from which you will be sending messages to a non-Direct email address that will receive a regular email containing test results. This email address should be able to receive plain text messages. Make sure you have access to the recipient email address in order to verify the receipt of the messages.

  • For Results

  • Choose a test case from the drop down menu below. Read the test case description below the "Direct Address" field, copy the displayed Direct address and proceed to step 5. You should run all of the tests in order to verify that your system can correctly discover certificates in either DNS CERT records or LDAP servers. (Note: your system MUST NOT already contain a certificate for the address selected or the test case will not be valid).

  • Attempt to send a message to the Direct address that you've just copied. Please only send to one address at a time. The test case results message will indicate the test case results. See the test case instructions for additional information.

Resources

Can't find what you're looking for?

Please check out our Documentation or Archived section for more details.