Format and standard for CSR

Robert Moskowitz rgm at htt-consult.com
Wed Aug 28 13:48:18 UTC 2019


I am writing an Internet Draft that will include transmission of a CSR, 
so I need to reference the proper source.  No more sloppy, "well it 
works...".

Some digging said it is in PKCS#10 - CSR.  But I did not stop with that.

A bit more googling lead me to RFC 4211...

When I create a CSR with:

    openssl req -config openssl-intermediate.cnf\
        -key ./private/client.key.pem \
        -subj "$DN" -new -out ./csr/client.csr.pem

What format is this?  Are there better, more concise formats (e.g. DER?) 
for transmission over constrained networks?

I can dump it with

    openssl req -text -noout -verify -in ./csr/client.csr.pem

But that does not really tell me the format, only what is in the cert.

Thanks



More information about the openssl-users mailing list