Something wrong with this tool?

About Csr PEM Summary Online

This tool parses a Certificate Signing Request (CSR) or PEM-encoded certificate and shows its contents in human-readable form: subject, public key info, requested extensions, signature algorithm, and other fields.

Reading raw PEM with command-line tools is fiddly; a visual summary saves time when verifying that a CSR matches the cert you ordered, debugging mismatches between cert and key, or auditing what's in a third-party certificate.

All parsing happens in the browser — your CSR and certificate never leave your machine. The tool is read-only and doesn't make any network requests with the data.

How to use this tool

How to confirm a CSR PEM is well-formed

  1. Paste the CSR PEM

    Drop the `-----BEGIN CERTIFICATE REQUEST-----` … `-----END CERTIFICATE REQUEST-----` block into the "PEM" field. Some CAs export the older `NEW CERTIFICATE REQUEST` header — this tool only looks for `CERTIFICATE REQUEST`.

  2. Press Run

    Result returns `containsHeader` (true if the BEGIN line is present) and `bodyLength` (character count of the base64 body between BEGIN and END). A non-zero body with the header is the basic well-formedness signal.

  3. What it does NOT validate

    The tool does NOT verify the CSR's signature, decode the subject/SAN, or check key strength. For that, run `openssl req -in request.csr -noout -text` locally, or upload to a CA's CSR-decode page.

  4. When the CSR fails to submit

    If the CA refuses your CSR even after `containsHeader: true`, common culprits: stray whitespace inside the base64 body, BEGIN/END mismatched, or the CSR signed with a key the CA doesn't accept. Re-export from your KMS.