Browser Certificate Tests

The links below will verify if your browser certificates are loaded properly. Click on the link for each type of test you wish to perform.

Test which certificate your browser is sent by default

Test your KCA certificate

Test your DOEGrids certificate (browser restart required if previously ran the other certificate tests)

Test your OSG certificate (browser restart required if previously ran the other certificate tests)


If your certificate worked, you should be directed to a web page which displays your CN and the certificate issuer. If you receive Forbidden/Permission Denied error, either you chose the wrong certificate for the test, your certificate is expired or not loaded properly.


Internet Explorer users will be presented with a selection box to choose the certificate they wish to test.


If you have both a KCA and DOEGrids certificate installed in Mozilla or FireFox, the default configuration is for the browser to automatically choose the certificate to present to the web server. This may cause undesired usage, and even denied access. It is recommended to change the settings in your web browser to allow you to choose the certificate you wish to use.

Windows Mozilla/Firefox users, navigate to:
Tools\Options\Advanced and scroll down to Certificates

Unix Mozilla/Firefox users, navigate to:
Edit\Preferences\Privacy & Security\Certificates

Ensure the 'Ask Every Time' radio button is selected under the 'Client Certificate Selection' mection:

You might be required to restart your browser to test both certificates since Mozilla/FireFox will cache your certificate selection when you perform the first test.

For assistance contact
Information compiled and maintained by Computer Security Team ; last modified by TR on July 13, 2006.
(Address comments about page to the Computer Security Team.)