But you could abstract it away. Keep things plain text (JSON?) in the API and generate ASN.1/DER/PEM from that. You’d be saving folks making clients a huge amount of hassle that way.
I mean, take a look at this: Invalid signature on CSR when finalizing - #24 by stewe – you could make it so no one has to go through that again 
(Says the guy currently trying to figure out why his staging tests are returning urn:ietf:params:acme:error:badCSR errors when nothing’s changed in the code.)