Certificate Signing Request

A Certificate Signing Request (CSR) file contains a public key, along with some metadata which typically includes an organization name, domain name, etc.

A CSR file may be encoded in PEM format, DER format, or possibly some other format.

The CSR file is intended to be sent to a certificate authority, who can then (after performing any required validation of the sender's identity) generate and send back a signed certificate. Note that the certificate authority does not need to know the certificate's private key.

Identification
A PEM-encoded CSR file is plain text, with base64-encoded payload data. It contains a line that reads " " or " ".

Examples
To view the contents of a PEM-encoded CSR file, using OpenSSL: openssl req -noout -text -in example.csr

To generate a new CSR, first generate a private key, then: openssl req -new -key example.key -out example.csr

Software

 * OpenSSL