RakkoTools

CSR Decoder

Decode your Certificate Signing Request

Add to favorite
Common Name
Organization
Organization Unit
Locality
State
Country
Email Address

What this tool can

The CSR Decoder is a tool to decode your Certificate Signing Request and verify that it contains the correct information.

What is a CSR?

A CSR or Certificate Signing request is a block of encoded text that is given to a Certificate Authority when applying for an SSL Certificate. It is usually generated on the server where the certificate will be installed and contains information that will be included in the certificate such as the organization name, common name (domain name), locality, and country. It also contains the public key that will be included in the certificate. A private key is usually created at the same time that you create the CSR, making a key pair.
A certificate authority will use a CSR to create your SSL certificate, but it does not need your private key. You need to keep your private key secret. The certificate created with a particular CSR will only work with the private key that was generated with it. So if you lose the private key, the certificate will no longer work.


What is contained in a CSR?

  • Common Name (CN) : The fully qualified domain name (FQDN) of your server.
  • Organization (O) : The legal name of your organization. Do not abbreviate and include any suffixes, such as Inc., Corp., or LLC.
  • Organizational Unit (OU) : The division of your organization handling the certificate.
  • City/Locality (L) : The city where your organization is located. This shouldn’t be abbreviated.
  • State/County/Region (S) : The state/region where your organization is located. This shouldn't be abbreviated.
  • Country (C) : The two-letter code for the country where your organization is located.
  • Email Address : An email address used to contact your organization.

What Does a CSR Look Like?

The CSR itself is usually created in a Base-64 based PEM format. You can open the CSR file using a simple text editor and it will look like the sample below.

-----BEGIN CERTIFICATE REQUEST-----
MIICuzCCAaMCAQAwdjELMAkGA1UEBhMCSlAxDzANBgNVBAgMBuadseS6rDE8MDoG
A1UECgwz5qCq5byP5Lya56S+44K344Oz44Kv44Op44OV44OI77yIVGhpbktyYWZ0
LCBJbmMu77yJMRgwFgYDVQQDDA90aGlua3JhZnQuY28uanAwggEiMA0GCSqGSIb3
DQEBAQUAA4IBDwAwggEKAoIBAQDEyflZScFMVHBs2rz3vK5uQ7LsqXKTyVxBwUYl
xURqp4DR94T18IZe7KVeWFsVixfoHN2MDRuZh70cjOD0kok/wFc4CrMlnL8ohL3N
aCifzDUvUFkC3hECL+wGWhFGTnUMbOS3+T1WTv62VOta4AIJoOwD+P4ALDFEYXMA
NRsN2z0Wi0hE15cgzzNUGrIVHbDXE4tvDAhxuykdCewiGZOPhOzsav1DhZdxvO/i
LuEAugNJIFkJKhSrpwlNXFpokScrFrXJv84pev0mXCv7dFtF1HLUiJlJDQ+GxqMH
OgkJk8tuUe9DGp5xluGSTMCAXy5OJaLMIgCMZRK7FnVt2AffAgMBAAGgADANBgkq
hkiG9w0BAQsFAAOCAQEAbWFPh+ZrueDTyEVv/r0T9T38dQPN9TC9QjhROaRY1wWi
UICgUAncHJW+hnc00aR2nvOvqDNXix5ZaMR8UPzVFUbs+xYbzAlNh4ndwJQXBM0X
bZcQqOiAl5cJgfqTR+AKA8/yc0Hok0Ipag84x4XM4jIkclph5+9am00v01BD/kiL
KZHHgYaOk0cv1BbVS/3rkKg9qE7cXgz+AHlNvSyOYm0PzftqlW1Ybqn2Jn8e9Vns
wQU2FIWeo5u+GJ3wxUvOcQhZq4ZU3Mw2WSf++gVsV6tuRn2RovA6m13rNVk21vbN
/7dMDMWjDN3eJ45AFn26pu53C6QRmz1BfTGMLbhH1g==
-----END CERTIFICATE REQUEST-----

Useful for

  • When you're using an old CSR to renew your SSL certificate. If send the wrong CSR and you're going to lose time. This tools helps to verify that the information contained in the CSR you send is correct.
  • When you're managing a lot of certificates. Sometimes it's easy to confuse CSRs. This tool helps you find the CSR you need.

related tools