🔐 Certificate Toolkit (PEM/CSR)

Inspect certificates, keys, CSRs, and OpenSSL config. Generate RSA keys, CSRs, and self‑signed certs. All in your browser.

Privacy: Everything runs locally in your browser.

We never upload your keys, CSRs, certificates, or configs to any server.

Decode

Paste or drop PEM/DER files to see subjects, issuers, SANs, validity, and fingerprints instantly.

Validate

We match public keys, CNs, SANs, and any supplied CA chain so you catch mismatches immediately.

Generate

Create fresh RSA keys, CSRs, and self-signed certificates locally with the subject and SANs you need.

Decode & Inspect

Paste or load certificates, CSRs, private keys, or OpenSSL configs to decode them instantly. As soon as they parse successfully, the relationship checks below light up so you can spot mismatches without leaving this tab.

Certificate (PEM)

Browse fileLoad .crt/.cer/.pem

Private Key (PEM)

Browse fileLoad .key/.pem

CSR (PEM)

Browse fileLoad .csr/.pem

OpenSSL Config (.cnf)

Browse fileLoad .cnf/.conf

Additional CA Certificates (PEM)

Browse filesLoad CA chain files

Validate Relationships

Decode your files above, then use these checks to make sure everything is in sync before issuing or deploying.

Private key matches certificate public key

Private key matches CSR public key

Certificate CN matches OpenSSL config CN

CSR CN matches OpenSSL config CN

Certificate SANs cover SANs from config

CSR SANs cover SANs from config

Add CA certificates to check the certificate chain