Open-The-File.com

Find how to open any file type

.CSR file extension

To open .CSR files on Windows, install OpenSSL (or use an existing OpenSSL installation).

To open a .csr file, use a certificate/PKI tool that can read PKCS #10 certificate signing requests—most commonly OpenSSL. On Windows, macOS, and Linux you can view its contents with OpenSSL; on mobile, you typically need to transfer it to a desktop to inspect it reliably.

HomeExtension IndexCertificates in indexCertificates category page

Last updated: June 12, 2026

Open on your device

Choose your operating system for a dedicated step-by-step opening guide.

How to open .CSR files

Use these platform-specific instructions to open .CSR files safely.

Windows

  1. Install OpenSSL (or use an existing OpenSSL installation).
  2. Open Command Prompt/PowerShell, then run: openssl req -in yourfile.csr -noout -text to view the request details (subject, public key, extensions).
Full Windows guide

Mac

  1. Open Terminal.
  2. Run: openssl req -in yourfile.csr -noout -text (if OpenSSL is available on your system) to display the CSR contents.
Full Mac guide

Linux

  1. Open a terminal.
  2. Run: openssl req -in yourfile.csr -noout -text to inspect the CSR.
Full Linux guide

iOS

  1. There is no widely standard, built-in way to inspect PKCS #10 .csr files on iOS; transfer the file to a Mac/PC and use OpenSSL to view it.
Full iOS guide

Android

  1. There is no widely standard, built-in way to inspect PKCS #10 .csr files on Android; transfer the file to a Mac/PC and use OpenSSL to view it.
Full Android guide

Security notes

  • A CSR contains a public key and identifying information, but it should not contain the private key. If you ever receive a “CSR” file that includes private key material, treat it as a key-compromise incident and replace the key pair.
  • CSRs are typically safe to share with a CA, but they may contain organization and domain details; avoid posting them publicly unless you are comfortable with that metadata being disclosed.
  • Although a CSR is not executable, it is still untrusted input to parsers. When inspecting CSRs from unknown sources, prefer well-maintained tooling (such as OpenSSL) and avoid obscure viewers.

If you did not expect this file

This extension is usually plain data, text, or structured content—not a program by itself. The practical risk is social engineering (a scam attachment or misleading filename). For trusted senders you rarely need heavy-handed antivirus wording; use these tools when you want an extra check on unexpected downloads.

Avast

Avast offers free and premium antivirus software that protects against viruses, malware, ransomware, and phishing. Scan files before opening them to ensure safety.

Norton

Norton 360 delivers comprehensive antivirus protection, VPN, and identity theft monitoring. Scan files for threats before opening to keep your device secure.

We may earn a commission when you use affiliate links. This supports our free file extension guides.

Can't open this file?

These are the most common causes and fixes when .CSR files fail to open.

Common reasons

  • OpenSSL says it cannot load the request (wrong format or encoding)
  • CSR is missing the expected domain/SAN information
  • The CA rejects the CSR or the signature check fails

Fix steps

  1. Open the .csr in a text editor: if you see a header like "-----BEGIN CERTIFICATE REQUEST-----" it is PEM; if it looks like binary, it may be DER.
  2. For PEM, use: openssl req -in file.csr -noout -text. For DER, try: openssl req -inform DER -in file.csr -noout -text.

OS-specific troubleshooting

What is a .CSR file?

A .csr is usually a PKCS #10 CertificationRequest as defined in RFC 2986. The request contains the subject information (like a domain name) and a public key, and it is digitally signed with the corresponding private key to prove possession. .csr files are commonly stored as PEM (Base64 with header/footer) or as DER (binary) encodings.

Background

Certificate Signing Requests (CSRs) are a standard part of public key infrastructure (PKI): you generate a key pair, then create a CSR and submit it to a certificate authority (CA) so the CA can issue an X.509 certificate bound to the included public key. The most common CSR format is PKCS #10, and .csr is a common extension for these requests.

Common MIME types: application/pkcs10

Further reading

Authoritative resources for more details on the .CSR format.

Common .CSR issues

OpenSSL says it cannot load the request (wrong format or encoding)

CSRs are commonly PEM (text with BEGIN/END lines) or DER (binary). If the file’s encoding doesn’t match what the tool expects, parsing can fail.

  1. Open the .csr in a text editor: if you see a header like "-----BEGIN CERTIFICATE REQUEST-----" it is PEM; if it looks like binary, it may be DER.
  2. For PEM, use: openssl req -in file.csr -noout -text. For DER, try: openssl req -inform DER -in file.csr -noout -text.

CSR is missing the expected domain/SAN information

A CSR includes the subject and may include requested extensions (commonly subjectAltName). If those fields were not included at generation time, the CA may issue a certificate that doesn’t match what you intended.

  1. Inspect the CSR with: openssl req -in file.csr -noout -text and look for Subject and any requested extensions.
  2. If required names are missing, regenerate the CSR with the correct parameters in your CSR generation tool (for example, using OpenSSL’s req command).

The CA rejects the CSR or the signature check fails

A PKCS #10 CSR is signed with the private key corresponding to the included public key. If the CSR was corrupted during copy/paste, line-wrapped incorrectly, or otherwise altered, the signature may not validate.

  1. If you copied the CSR through email or a web form, re-export the CSR from the source system as a file and avoid manual reformatting.
  2. Validate/display it again with OpenSSL: openssl req -in file.csr -noout -text; if parsing fails, regenerate the CSR from the original key pair.

FAQ

What is a .csr file used for?

It is a certificate signing request that you submit to a certificate authority (CA) to obtain an X.509 certificate for the public key and subject information in the request.

Is .csr the same thing as a certificate (.crt/.cer)?

No. A CSR is a request used to obtain a certificate. A certificate is issued and signed by a CA; a CSR is signed by the requester to prove control of the private key corresponding to the public key in the request.

How can I tell if my .csr is PEM or DER?

Open it in a text editor: PEM looks like Base64 text with header/footer lines such as "-----BEGIN CERTIFICATE REQUEST-----". DER is binary and won’t look like readable text.

What MIME type is used for a PKCS #10 CSR?

The IETF and IANA register the media type application/pkcs10 for PKCS #10 certification requests (as defined by RFC 2986 and described by RFC 5967).

Similar file extensions

Compare related formats in the same category to find the right tool faster.