Testing Internal SSL Certificate Installations with the ¶ºÒõ¹Ý Certificate Utility

The Query Server feature can be very helpful for testing your SSL Certificate installation for a certificate that's installed in your Local Area Network but that's not available externally.

How to Display an SSL Certificate Chain Using the ¶ºÒõ¹Ý Utility

  1. On your Windows Server, download and save the ¶ºÒõ¹Ý® Certificate Utility for Windows executable (¶ºÒõ¹ÝUtil.exe).

  2. Run the ¶ºÒõ¹Ý® Certificate Utility for Windows.

    Double-click ¶ºÒõ¹ÝUtil.

  3. In the ¶ºÒõ¹Ý Certificate Utility for Windows©, click Tools (wrench and screw driver).

    Tools Option in ¶ºÒõ¹Ý Utility

  4. On the Tools page, click Check Install.

    Check Install Option in ¶ºÒõ¹Ý Utility

  5. This opens the Certificate Installation Checker page. This page lets you make a connection to the DNS name/IP address/localhost that you enter.

    Certificate Installation Checker page in ¶ºÒõ¹Ý Utility

  6. On the Certificate Installation Check page, enter the following information:

    Server Address:

    Enter your server's DNS name, IP address, or localhost of the certificate you are securing.

    Port Number:

    Enter the port number.

    		If you are using a nonstandard port number for the SSL traffic/service, you can enter that into the page as well.

    SSL/TLS Mode:

    In the drop-down list, do one of the following:

    •   Select Auto determine by port number.
        This option lets our tool auto-select the default port for any of the following services: HTTPS, SMTP, IMAP, or POP3.
    •   Select the service that you are trying to secure.
        (Direct (such as in HTTPS), SMTP STARTLS command, IMAP STARTTLS command, or POP 3 STLS command)

  7. When you are finished, click Query Server.

    This makes an HTTPS connection between the ¶ºÒõ¹Ý Certificate Utility and the specified server. Our tool then displays the Certificate Chain that the server sends back with some details about each certificate in the chain.

    Certificate Installation Checker page in ¶ºÒõ¹Ý Utility

Troubleshooting Tips

¶ºÒõ¹Ý uses a few different chain paths for client computers to trace the certificate issued to 'your.domain.com' up to a trusted root certificate. So if you run into any certificate errors with your clients, first try following the instructions on the ¶ºÒõ¹Ý Certificate Utility: Repair Intermediate SSL Certificate Errors page. If those instructions don't solve the problem for you, please contact ¶ºÒõ¹Ý Support for help. Let them know which certificates the Query Server feature lists, so they'll be able to help you get the problem fixed as quickly as possible.



Quick Menu

Certificate Types