Check Validity and Mapping on Windows
You can test whether a certificate is valid and determine which identities are allowed to authenticate with a certificate.
Note: To be valid, a certificate must be signed by a trusted CA (one that is a member of a chain of trust that extends to a trust anchor that you have configured) and it must pass all other validation checks (for example, it must not be expired or revoked and all required intermediate certificates must be available).
To test certificates from the console
- Start the PKI Services Manager console:
Programs > Attachmate Reflection > Utilities > PKI Manager
- From the Utility menu, select Test Certificate.
- Click Browse, specify a certificate to test, then click OK.
- Click Test.
To test certificates from the command line
- Open a DOS command window and navigate to the program folder. The default is:
C:\Program Files\Attachmate\ReflectionPKI
- Use winpki validate to test certificates. Refer to these examples:
To
Use this command
Check if the certificate test.cer is valid.
winpki validate \path\test.cer
Check if the certificate is valid and if the server abc.com can authenticate with test.cer.
winpki validate \path\test.cer -t abc.com
Check if the certificate is valid and if the user joe can authenticate with test.cer.
winpki validate \path\test.cer -u joe
See which identities can authenticate with test.cer.
winpki validate \path\test.cer -w
 |