Viewing the Contents of a Certificate Signing Request (CSR) with OpenSSL

As part of getting a certificate signed by a Certificate Authority (CA) you will need to provide a Certificate Signing Request (CSR).

But what if you're not 100% sure if you've generated the CSR correctly, but are not sure how to convert the file you've got to a more human-readable format?

Let's take the below sample CSR from the Digicert website:

-----BEGIN CERTIFICATE REQUEST-----
MIICvDCCAaQCAQAwdzELMAkGA1UEBhMCVVMxDTALBgNVBAgMBFV0YWgxDzANBgNV
BAcMBkxpbmRvbjEWMBQGA1UECgwNRGlnaUNlcnQgSW5jLjERMA8GA1UECwwIRGln
aUNlcnQxHTAbBgNVBAMMFGV4YW1wbGUuZGlnaWNlcnQuY29tMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8+To7d+2kPWeBv/orU3LVbJwDrSQbeKamCmo
wp5bqDxIwV20zqRb7APUOKYoVEFFOEQs6T6gImnIolhbiH6m4zgZ/CPvWBOkZc+c
1Po2EmvBz+AD5sBdT5kzGQA6NbWyZGldxRthNLOs1efOhdnWFuhI162qmcflgpiI
WDuwq4C9f+YkeJhNn9dF5+owm8cOQmDrV8NNdiTqin8q3qYAHHJRW28glJUCZkTZ
wIaSR6crBQ8TbYNE0dc+Caa3DOIkz1EOsHWzTx+n0zKfqcbgXi4DJx+C1bjptYPR
BPZL8DAeWuA8ebudVT44yEp82G96/Ggcf7F33xMxe0yc+Xa6owIDAQABoAAwDQYJ
KoZIhvcNAQEFBQADggEBAB0kcrFccSmFDmxox0Ne01UIqSsDqHgL+XmHTXJwre6D
hJSZwbvEtOK0G3+dr4Fs11WuUNt5qcLsx5a8uk4G6AKHMzuhLsJ7XZjgmQXGECpY
Q4mC3yT3ZoCGpIXbw+iP3lmEEXgaQL0Tx5LFl/okKbKYwIqNiyKWOMj7ZR/wxWg/
ZDGRs55xuoeLDJ/ZRFf9bI+IaCUd1YrfYcHIl3G87Av+r49YVwqRDT0VDV7uLgqn
29XI1PpVUNCPQGn9p/eX6Qo7vpDaPybRtA2R7XLKjQaF9oXWeCUqy1hvJac9QFO2
97Ob1alpHPoZ7mWiEuJwjBPii6a9M9G30nUo39lBi1w=
-----END CERTIFICATE REQUEST-----

We can use the below OpenSSL command to view information about the file, assuming we've created sample.csr with the above file contents:

$ openssl req -in sample.csr -noout -text
Certificate Request:
    Data:
        Version: 1 (0x0)
        Subject: C = US, ST = Utah, L = Lindon, O = DigiCert Inc., OU = DigiCert, CN = example.digicert.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f3:e4:e8:ed:df:b6:90:f5:9e:06:ff:e8:ad:4d:
                    cb:55:b2:70:0e:b4:90:6d:e2:9a:98:29:a8:c2:9e:
                    5b:a8:3c:48:c1:5d:b4:ce:a4:5b:ec:03:d4:38:a6:
                    28:54:41:45:38:44:2c:e9:3e:a0:22:69:c8:a2:58:
                    5b:88:7e:a6:e3:38:19:fc:23:ef:58:13:a4:65:cf:
                    9c:d4:fa:36:12:6b:c1:cf:e0:03:e6:c0:5d:4f:99:
                    33:19:00:3a:35:b5:b2:64:69:5d:c5:1b:61:34:b3:
                    ac:d5:e7:ce:85:d9:d6:16:e8:48:d7:ad:aa:99:c7:
                    e5:82:98:88:58:3b:b0:ab:80:bd:7f:e6:24:78:98:
                    4d:9f:d7:45:e7:ea:30:9b:c7:0e:42:60:eb:57:c3:
                    4d:76:24:ea:8a:7f:2a:de:a6:00:1c:72:51:5b:6f:
                    20:94:95:02:66:44:d9:c0:86:92:47:a7:2b:05:0f:
                    13:6d:83:44:d1:d7:3e:09:a6:b7:0c:e2:24:cf:51:
                    0e:b0:75:b3:4f:1f:a7:d3:32:9f:a9:c6:e0:5e:2e:
                    03:27:1f:82:d5:b8:e9:b5:83:d1:04:f6:4b:f0:30:
                    1e:5a:e0:3c:79:bb:9d:55:3e:38:c8:4a:7c:d8:6f:
                    7a:fc:68:1c:7f:b1:77:df:13:31:7b:4c:9c:f9:76:
                    ba:a3
                Exponent: 65537 (0x10001)
        Attributes:
            a0:00
    Signature Algorithm: sha1WithRSAEncryption
         1d:24:72:b1:5c:71:29:85:0e:6c:68:c7:43:5e:d3:55:08:a9:
         2b:03:a8:78:0b:f9:79:87:4d:72:70:ad:ee:83:84:94:99:c1:
         bb:c4:b4:e2:b4:1b:7f:9d:af:81:6c:d7:55:ae:50:db:79:a9:
         c2:ec:c7:96:bc:ba:4e:06:e8:02:87:33:3b:a1:2e:c2:7b:5d:
         98:e0:99:05:c6:10:2a:58:43:89:82:df:24:f7:66:80:86:a4:
         85:db:c3:e8:8f:de:59:84:11:78:1a:40:bd:13:c7:92:c5:97:
         fa:24:29:b2:98:c0:8a:8d:8b:22:96:38:c8:fb:65:1f:f0:c5:
         68:3f:64:31:91:b3:9e:71:ba:87:8b:0c:9f:d9:44:57:fd:6c:
         8f:88:68:25:1d:d5:8a:df:61:c1:c8:97:71:bc:ec:0b:fe:af:
         8f:58:57:0a:91:0d:3d:15:0d:5e:ee:2e:0a:a7:db:d5:c8:d4:
         fa:55:50:d0:8f:40:69:fd:a7:f7:97:e9:0a:3b:be:90:da:3f:
         26:d1:b4:0d:91:ed:72:ca:8d:06:85:f6:85:d6:78:25:2a:cb:
         58:6f:25:a7:3d:40:53:b6:f7:b3:9b:d5:a9:69:1c:fa:19:ee:
         65:a2:12:e2:70:8c:13:e2:8b:a6:bd:33:d1:b7:d2:75:28:df:
         d9:41:8b:5c

Written by Jamie Tanna's profile image Jamie Tanna on , and last updated on .

Content for this article is shared under the terms of the Creative Commons Attribution Non Commercial Share Alike 4.0 International, and code is shared under the Apache License 2.0.

#blogumentation #openssl #certificates #nablopomo.

This post was filed under articles.

This post is part of the series nablopomo-2019.

Interactions with this post

Interactions with this post

Below you can find the interactions that this page has had using WebMention.

Have you written a response to this post? Let me know the URL:

Do you not have a website set up with WebMention capabilities? You can use Comment Parade.