Certificate Signing Request

From Just Solve the File Format Problem
Revision as of 23:17, 22 October 2013 by Jsummers (Talk | contribs)

Jump to: navigation, search
File Format
Name Certificate Signing Request
Ontology
Extension(s) .csr, .pem

A Certificate Signing Request (CSR) file contains a public key, along with some metadata which typically includes an organization name, domain name, etc.

A CSR file may be encoded in PEM format, DER format, or possibly some other format.

The CSR file is intended to be sent to a certificate authority, who can then (after performing any required validation of the sender's identity) generate and send back a signed certificate. Note that the certificate authority does not need to know the certificate's private key.

Identification

A PEM-encoded CSR file is plain text, with base64-encoded payload data. It contains a line that reads "-----BEGIN CERTIFICATE REQUEST-----" or "-----BEGIN NEW CERTIFICATE REQUEST-----".

Examples

To view the contents of a PEM-encoded CSR file, using OpenSSL: 

 openssl req -noout -text -in example.csr

To generate a new CSR, first generate a private key, then: 

 openssl req -new -key example.key -out example.csr

Software

Retrieved from "http://fileformats.archiveteam.org/index.php?title=Certificate_Signing_Request&oldid=14383"
Personal tools
Namespaces

Variants
Actions
Navigation
Toolbox