[pcpuser]

Again, completely off the mark here. To create any CSR, bifrost or not, you need the private key that the CSR represents.

> Creating a CSR creats my private key for the CSR...

Not really sure what's going on here tbh.

[Grimeton]

> Again, completely off the mark here. To create any CSR, bifrost or not, you need the private key that the CSR represents.

Yeah... No. You create a public/private key pair and the CSR CONTAINS that public key together with additional information.

>Not really sure what's going on here tbh.

I'm not surprised. Go read up on this stuff.

[pcpuser]

Please read this section carefully: https://datatracker.ietf.org/doc/html/rfc2986#section-3

The CSR contains the digital signature of the public key that is requesting the certificate. So you absolutely need the private key to create a CSR. How would you create a CSR with just a public key?

[Grimeton]

> Please read this section carefully: https://datatracker.ietf.org/doc/html/rfc2986#section-3

Yeah, go read it:

   The
   certification request information consists of the entity's
   distinguished name, the entity's public key, and a set of attributes
   providing other information about the entity.

[pcpuser]

So close once more lol

> 2. The CertificationRequestInfo value is signed with the subject entity's private key. (See Section 4.2.)

I wonder what this means? Hmm...

[Grimeton]

>The CSR contains the digital signature of the public key that is requesting the certificate. So you absolutely need the private key to create a CSR. How would you create a CSR with just a public key?

Do you really not know what you're talking about or are you trolling at this point?