Free, vendor-neutral browser tools for PKI practitioners
Everyday certificate work — checking a key pair, decoding a CSR, generating a new request, or converting a file format — without an account, a backend, or a reason to trust anyone else with your certificates and keys.
Every tool below runs entirely in your browser — nothing you paste or upload is ever sent anywhereChoose a tool
Each tool is a single, self-contained page focused on one task.
Certificate & CSR Validator
Check whether a TLS certificate and a CSR share the same key pair, and see both side by side.
Open tool → DecoderCSR Decoder
Paste or upload a CSR to see its subject, public key, signature algorithm, and requested SANs.
Open tool → GeneratorCSR Generator
Fill in your certificate details and get an OpenSSL command to run on your own server — no key ever touches this page.
Open tool → ConverterCertificate Format Converter
Convert a certificate between PEM and DER, with a summary of what you're converting first.
Open tool → ReferencePKI & Private Key Security FAQ
Plain-English answers about CSRs, certificate chains, and how to keep private keys safe.
Open tool →Certificate work shouldn't require trusting a stranger's server
Certificates and CSRs contain identifying details, and generating either one starts with a private key that should never leave the machine that created it. These tools exist so you can do routine PKI checks without uploading anything to a backend you can't see.
Static pages, no server, no accounts
Every page on this site is a single, self-contained HTML file that runs entirely client-side. There's nothing to sign up for and nothing to configure — paste your data, get your answer, and close the tab.
Developers, administrators, and curious non-experts alike
Whether you manage certificates daily or are troubleshooting one for the first time, each tool page explains what it's showing you in plain language, not just cryptographic jargon.