While what others have said about remote private key generation is rather lapse security and could be used for malicious purposes, however for development purposes it's a neat little utility. Nice work.
A CSR is Certificate Signing Request, not a certificate, suggesting that this utility exists for the purpose of submitting a CSR to a Certificate Authority (CA). What "development purpose" could that serve? Nobody should use this, especially developers, who should know better.