A certificate signing request (CSR) contains subject information such as organization name, organizational unit name, common name, etc. CSR also includes public key and signature. This tutorial shows how to decode certificate signing request using OpenSSL.
Let's say we have the following certificate signing request:
-----BEGIN CERTIFICATE REQUEST-----
MIIBEjCBvQIBADBYMQswCQYDVQQGEwJVUzEVMBMGA1UECgwMVGVzdCBDb21wYW55
MR8wHQYDVQQLDBZUZXN0IE9yZ2FuaXphdGlvbiBVbml0MREwDwYDVQQDDAh0ZXN0
LmNvbTBcMA0GCSqGSIb3DQEBAQUAA0sAMEgCQQCzI+L79VcDMExRpc7nO0q5Yy9w
RKVlS5MfBCRFv7yb3VjjrQWdRzT5Wl5etQOot5G8czA9xxtWijx/C+tB6N3RAgMB
AAGgADANBgkqhkiG9w0BAQsFAANBAFpF4SkUp8oILW6nQJ/lC9+p/9QnF4/kWlAx
/vt3zyHWTVJcDIlUkMjFj8rFeHMJqslhTMvgbcBxhl6U6gQM7iA=
-----END CERTIFICATE REQUEST-----
A certificate signing request can be decoded by using the openssl req
command.
openssl req -in test.csr -text -noout
The meaning of options:
-in test.crt
- specifies the filename to read a certificate signing request.-text
- specifies that information should be printed in text form.-noout
- specifies that an encoded version of the certificate signing request should not be included in output.
A part of the output:
Certificate Request:
Data:
Version: 1 (0x0)
Subject: C = US, O = Test Company, OU = Test Organization Unit, CN = test.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (512 bit)
Modulus:
00:b3:23:e2:fb:f5:57:03:30:4c:51:a5:ce:e7:3b:
4a:b9:63:2f:70:44:a5:65:4b:93:1f:04:24:45:bf:
bc:9b:dd:58:e3:ad:05:9d:47:34:f9:5a:5e:5e:b5:
...
Leave a Comment
Cancel reply