SSL Toolkit

Name: SSL Toolkit
Author: MyWebFix

CSR & Key Generator

Common Name (CN):

Organization (O):

Organizational Unit (OU):

Locality (L):

State (ST):

Country (C):

Key Size:

CSR Decoder

Paste CSR Upload File

Certificate Decoder

Paste Certificate Upload File

Certificate Key Checker

Paste or upload a CSR, certificate, and private key to compare their public key material locally in your browser. Private keys may use the passphrase field below when encrypted.

CSR

Paste CSR Upload CSR

Certificate

Paste Certificate Upload Certificate

Private Key

Paste Key Upload Key

Private Key Passphrase (if encrypted)

Converter

Paste Certificate Upload Certificate File

Certificate (PEM)

Paste Private Key Upload Key File

Private Key (PEM)

Private Key Passphrase (if encrypted)

Paste CA Bundle (optional) Upload CA Bundle File

CA Bundle (PEM, optional)

Password (required)

Friendly Name (optional)

Paste Certificates Upload Certificate File

Certificates (PEM; one or multiple concatenated)

Drag & drop or click

Password

Drag & drop or click

Drag & drop PKCS#7 or click

Paste Private Key Upload Key File

Private Key (PEM)

Private Key Passphrase (if encrypted)

Password (required)

Friendly Name (optional)

macOS Toolkit

Convert & inspect P12/PFX certificates for macOS Keychain compatibility. Processed entirely in-browser.

Drag & drop P12/PFX or click to browse

Certificate Password

Drag & drop P12/PFX or click to browse

Certificate Password

Terminal Import (Only if Keychain still fails)

If Keychain Access still fails to import the certificate after using the macOS-compatible .p12 generated by this tool, you can import it via Terminal instead:

security import cert.p12 -k ~/Library/Keychains/login.keychain -P "import_password"

Notes:
• Replace cert.p12 with your actual certificate file name
• Replace "import_password" with your certificate import password (keep the quotes)
• ~/Library/Keychains/login.keychain is the default macOS login keychain — no changes needed

SSL Toolkit lets you generate CSRs and private keys, decode CSRs and X.509 certificates, verify private key matches, and convert between PEM, PKCS#7, and PKCS#12. All tools run in your browser using JavaScript already loaded in this page: your files and private keys stay in this browser session and are not submitted to our server. After the page loads, you can disconnect from the internet and the tools will still work.

CSR & private key generator with SAN / wildcard support
CSR/certificate decoder: subject, issuer, SAN, key usage, fingerprints
Private key ↔ certificate/CSR matcher (RSA)
Converters: PEM ↔ PKCS#12, PEM ↔ PKCS#7
OpenSSL command equivalents for transparency
macOS Toolkit: convert & inspect P12/PFX for keychain compatibility

FAQ

Is the SSL Toolkit safe to use?

Yes. CSR/key generation, decoding, matching, and conversions run locally in your browser. Files and private keys are not uploaded to our server or sent anywhere. For extra confidence, load the page, turn off your internet connection, and the tools will continue working.

Which formats are supported?

PEM, PKCS#7 (.p7b/.p7s), and PKCS#12 (.p12/.pfx). You can generate, decode, verify matches, and convert between them.

Can I include Subject Alternative Names (SAN)?

Yes. Use the SAN/Wildcard panel in the CSR & Key Generator to add multiple domains, IPs, or a wildcard.