diff --git a/lib/acme.js b/lib/acme.js
index ea7113a..b48f2c9 100644
--- a/lib/acme.js
+++ b/lib/acme.js
@@ -827,6 +827,16 @@ ACME._getCertificate = function (me, options) {
   });
 };
 ACME._generateCsrWeb64 = function (me, options, validatedDomains) {
+  var csr;
+  if (options.csr) {
+    csr = options.csr;
+    // if der, convert to base64
+    if ('string' !== typeof csr) { csr = Enc.bufToUrlBase64(csr); }
+    // nix PEM headers, if any
+    if ('-' === csr[0]) { csr = csr.split(/\n+/).slice(1, -1).join(''); }
+    csr = Enc.base64ToUrlBase64(csr.trim().replace(/\s+/g, ''));
+    return Promise.resolve(csr);
+  }
   return ACME._importKeypair(me, options.domainKeypair).then(function (pair) {
     return me.CSR({ jwk: pair.private, domains: validatedDomains, encoding: 'der' }).then(function (der) {
       return Enc.bufToUrlBase64(der);
diff --git a/lib/bluecrypt-encoding.js b/lib/bluecrypt-encoding.js
index c2473a6..a9609e5 100644
--- a/lib/bluecrypt-encoding.js
+++ b/lib/bluecrypt-encoding.js
@@ -66,8 +66,11 @@ Enc.numToHex = function (d) {
 };
 
 Enc.bufToUrlBase64 = function (u8) {
-  return Enc.bufToBase64(u8)
-    .replace(/\+/g, '-').replace(/\//g, '_').replace(/=/g, '');
+  return Enc.base64ToUrlBase64(Enc.bufToBase64(u8));
+};
+
+Enc.base64ToUrlBase64 = function (str) {
+  return str.replace(/\+/g, '-').replace(/\//g, '_').replace(/=/g, '');
 };
 
 Enc.bufToBase64 = function (u8) {