CertMate CertMate /

How to read a CSR (Certificate Signing Request)

A Certificate Signing Request bundles the details you want in a certificate plus your public key, signed by your private key. Checking it before submission saves a wasted issuance when a hostname or key size is wrong.

Why verify a CSR first

The CA issues a certificate based on what's in the CSR. If the Subject Alternative Names are missing the hostname you need, or the key is too small, you'll only find out after issuance — and have to start over. A 30-second check avoids that.

Decode it in your browser

Paste the CSR (BEGIN CERTIFICATE REQUEST … END CERTIFICATE REQUEST) into the CSR Decoder. It shows the requested subject, the SAN list, and the public key algorithm and size, parsed entirely on your device.

Or with OpenSSL

openssl req -in request.csr -noout -text -verify prints the decoded request and confirms the self-signature is valid — a quick integrity check that the CSR wasn't truncated or corrupted.

Open the CSR Decoder →

Runs entirely client-side: no upload, no tracking.