What is a CSR used for?

A CSR is submitted to a Certificate Authority (CA) to request a signed SSL/TLS certificate. It contains your public key and subject fields.

What is the Common Name?

For TLS certificates the Common Name should be the fully qualified domain name (e.g. example.com or *.example.com for wildcard).

Why use openssl instead of browser-only?

Building a correctly signed PKCS#10 CSR requires ASN.1 DER encoding of the entire structure plus a signature. The openssl approach is reliable and universally accepted.

CSR Generator

Fill in your details and get a ready-to-run openssl command to generate a CSR and key.

Common Name (CN) *

Organization (O)

Organizational Unit (OU)

Country (C, 2 letters)

State / Province (ST)

Locality (L)

Subject Alternative Names (comma-separated)

Key size:

Related Tools

#CSR Decoder

Paste a PEM CSR and decode its subject, public key algorithm, and signature algorithm.

#RSA Key Generator

Generate RSA key pairs (2048 or 4096-bit) and export as PEM in your browser.

#RSA Key Pair + OpenSSL Command

Generate an RSA key pair and get the OpenSSL command to create a self-signed certificate.

FAQ

What is a CSR used for?: A CSR is submitted to a Certificate Authority (CA) to request a signed SSL/TLS certificate. It contains your public key and subject fields.
What is the Common Name?: For TLS certificates the Common Name should be the fully qualified domain name (e.g. example.com or *.example.com for wildcard).
Why use openssl instead of browser-only?: Building a correctly signed PKCS#10 CSR requires ASN.1 DER encoding of the entire structure plus a signature. The openssl approach is reliable and universally accepted.

Fill in the certificate subject fields (Common Name, Organization, Country, State, Locality, Email) and optionally add Subject Alternative Names. The tool generates an RSA key pair using Web Crypto and produces a pre-filled openssl command you can run to create a properly signed CSR. Also shows the public key for reference.