CSR Decoder

All tools

Options

Status
Idle
Bytes
0

About CSR Decoder

This tool decodes certificate signing requests and shows readable CSR metadata.

It is useful when inspecting CSR subject fields, SAN entries, key algorithms, and CSR encoding formats.

How to use CSR Decoder

  1. Paste a PEM CSR, Base64 DER CSR, or hex DER CSR into the input field.
  2. Choose the matching input format.
  3. Click Decode.
  4. Review the CSR summary and copy the normalized PEM, Base64 DER, or hex DER if needed.

Tips

  • A CSR is not a certificate yet. It is a request to issue one.
  • If SAN values are present, they are usually stored in the extension request attributes.
  • PEM CSR is just Base64 DER wrapped in BEGIN/END markers.
  • Use normalized PEM output if you need a clean CSR block.

CSR checks before submitting a certificate request

A certificate signing request exposes requested identity and key details, but it must match the private key and the certificate authority policy.

Verify requested names

Check Common Name and Subject Alternative Names for the exact DNS names or IP addresses that need coverage.

Inspect key details

Confirm public-key algorithm, key size, signature algorithm, and whether they meet the CA and platform requirements.

Match the private key

Keep the private key secure and verify the issued certificate will pair with it before installing on servers or load balancers.

Review organization fields

Validate organization, locality, country, and optional attributes when the CA or compliance process depends on them.

Related tools

You may also find these tools useful.

CSR Decoder FAQ

What is a CSR?
A CSR is a certificate signing request. It contains subject information and a public key, and is sent to a certificate authority.
Can this tool decode PEM CSR files?
Yes. It supports PEM CSR input and can also decode Base64 DER and hex DER CSR data.
Does it show SAN values?
Yes, when SAN data is present inside the CSR extension request attributes, the tool attempts to extract it.
Is a CSR the same as a certificate?
No. A CSR is only a request to create a certificate. It is not the issued certificate itself.