CSR Decoder
Options
About CSR Decoder
This tool decodes certificate signing requests and shows readable CSR metadata.
It is useful when inspecting CSR subject fields, SAN entries, key algorithms, and CSR encoding formats.
How to use CSR Decoder
- Paste a PEM CSR, Base64 DER CSR, or hex DER CSR into the input field.
- Choose the matching input format.
- Click Decode.
- Review the CSR summary and copy the normalized PEM, Base64 DER, or hex DER if needed.
Tips
- A CSR is not a certificate yet. It is a request to issue one.
- If SAN values are present, they are usually stored in the extension request attributes.
- PEM CSR is just Base64 DER wrapped in BEGIN/END markers.
- Use normalized PEM output if you need a clean CSR block.
CSR checks before submitting a certificate request
A certificate signing request exposes requested identity and key details, but it must match the private key and the certificate authority policy.
Verify requested names
Check Common Name and Subject Alternative Names for the exact DNS names or IP addresses that need coverage.
Inspect key details
Confirm public-key algorithm, key size, signature algorithm, and whether they meet the CA and platform requirements.
Match the private key
Keep the private key secure and verify the issued certificate will pair with it before installing on servers or load balancers.
Review organization fields
Validate organization, locality, country, and optional attributes when the CA or compliance process depends on them.
Related tools
You may also find these tools useful.