Why should my certificate signing request be signed by my private key?

I'm sure if you looked hard enough you could find the official explanation:

The signature on the certification request prevents an entity from requesting a certificate with another party's public key. Such an attack would give the entity the minor ability to pretend to be the originator of any message signed by the other party. This attack is significant only if the entity does not know the message being signed and the signed part of the message does not identify the signer. The entity would still not be able to decrypt messages intended for the other party, of course.

RFC 2986: PKCS #10: Certification Request Syntax Specification -- Version 1.7


Accepting unsigned signing requests would not invalidate SSL. But certificates are not used solely for SSL.

Beyond the reason in RFC 2986 that Jonathan Gray already cited, consider the fact that a certificate does more than associate a distinguished name and a public key. It also associates extra information (such as a human name and address). If Eve can get a CA to sign a certificate containing (Eve's public key, DN=acme.com, CN=“Kitten Killers, Inc.”), then the CA is lending legitimacy to stating that acme.com is “Kitten Killers, Inc.”. Since a CSR has to be signed, only the entity that can get a certificate for acme.com in the first place can pick the common name that it wants to be associated with.


Besides authenticating the request, signing also ensures that the CSR isn't tampered with. This helps ensure that certs with invalid data aren't created and potentially used, either accidentally or maliciously.