A CSR looks like random text — but inside is critical information: domain, organisation, key algorithm, key size and subject alternative names. The CSR Decoder makes all of this readable in seconds plus gives a security analysis before you submit to a CA.
What Is Inside a CSR?
A CSR encodes the subject distinguished name (Common Name, Organisation, Country etc.), the public key and algorithm, and optionally requested Subject Alternative Names. The CA reads all of this when issuing your certificate.
Why Decode Before Submitting?
A wrong Common Name means the issued certificate will not match your domain. Missing SAN entries mean modern browsers will display a certificate error. A 1024-bit key will be rejected by all major CAs. Decoding first catches these problems before they become expensive mistakes.
Security Analysis
The decoder flags weak key sizes under 2048 bits, missing SANs, wildcard detection and key type (RSA, EC or DSA). Chrome removed support for CN-only matching in 2017 — without at least one SAN matching the domain, the certificate will fail in Chrome and Firefox even if the CN is correct.
Use Case
Use Check CSR for a quick validity check of your own CSR. Use the CSR Decoder when auditing a CSR received from a developer before submitting to a CA — it gives the full security analysis and confirms every field is correct before you spend money on the certificate.
