CSR Generator
meerkat pki tools · keys generated server-side, never stored on the server
Key Parameters
These keys are intentionally weak or blacklisted. Use one to verify that a CA, linter, or ACME server correctly refuses the CSR. Your DN and SANs are used as-is — only the key is the bad part. Key Parameters above are disabled while this panel is open.
Subject Distinguished Name
Subject Alternative Names (optional)
Result
⚠ Save your private key now — it is not stored on the server.
Private Key
Certificate Signing Request
PKCS#12 Builder
Return here after issuance, paste the certificate, and build a password-protected
.p12. The chain is detected automatically when the issuer is available.
Issued Certificate
Issuer / Intermediate Chain
Automatic chain lookup could not complete the path. Paste the issuing CA and any intermediates here. Private keys are rejected.