HowTo: Decode CSR

A Certificate Authority will use a CSR to create your SSL certificate.

What is a CSR? A CSR or ‘Certificate Signing Request’ is a block of encrypted text, that is generated on the server that the certificate will be used on.

It contains information that will be included in your certificate, such as your organization name, common name (domain name), locality, and country. It also contains the public key that will be included in your certificate.

Run these OpenSSL commands, to decode your Certificate Signing Request, and verify that it contains the correct information.

Extract information from the CSR

$ openssl req -in shellhacks.com.csr -text -noout

Verify the signature

$ openssl req -in shellhacks.com.csr -noout -verify

Whom the certificate will be issued to?

$ openssl req -in shellhacks.com.csr -noout -subject

Show the public key

$ openssl req -in shellhacks.com.csr -noout -pubkey
Was it useful? Share this post with the world!

2 Replies to “HowTo: Decode CSR”

  1. Great, much more secure than online websites which could grab your information while displaying it!

  2. Nilesh Gavali says: Reply

    HI Laurent
    I believe, CSR contain only public information which you want to be part of your certificate. So it doesn’t make difference.

Leave a Reply