Certificate request and retrieval scripts

I brushed the dust off of some old certificate scripts that I wrote back in 2014 for a project I needed today. Check em out. You can submit CSRs to a CA, approve, and retrieve all in one screen.

You can download the two scripts here (zip file). Details of the files are below.


CertRequestAndRetrieveV2.bat

@echo off
REM: Created 02 December 2014 - JBall - johnDball@johnDball.com
REM: Updated 10 December 2014 - JBall - johnDball@johnDball.com
cls
echo.
echo                   ///////////////////////////////////////
echo                   ////          John Ball            ////
echo                   ////       www.johndball.com       ////
echo                   ////       Certificate Tool        ////
echo                   ////          Revision 2           ////
echo                   ///////////////////////////////////////
echo.
echo.
:Start
echo 1=Submit a request with a CSR
echo 2=Approve a request (requires CA Manager rights)
echo 3=Retrieve a previously approved certificate
echo 4=Start over
echo 5=Exit this program
echo.
CHOICE /C 12345 /M "Which certificate task would you like to complete?"

:: Note - list ERRORLEVELS in decreasing order
IF ERRORLEVEL 5 GOTO ItemFive
IF ERRORLEVEL 4 GOTO ItemFour
IF ERRORLEVEL 3 GOTO ItemThree
IF ERRORLEVEL 2 GOTO ItemTwo
IF ERRORLEVEL 1 GOTO ItemOne
IF

:ItemOne
:StartProcess
SET /P Attribute=Enter the certificate template name here: 
SET /P SubmitFile=Enter the FULL path to the certificate signing request here (no qutoations around path): 
echo.
echo.
certreq -submit -attrib "CertificateTemplate:%Attribute%" "%Submitfile%"
echo.
echo.
pause
GOTO:Start

:ItemTwo
:StartProcess
SET /P RequestID=Enter the certificate request ID here:
SET /P CAServer=Enter the CA server here in the form of CAServerShortName\DomainName-CAServerShortName-CA:
echo.
echo.
certutil -resubmit -config %CAServer% %RequestID%
echo.
echo.
pause
GOTO:Start

:ItemThree
:StartProcess
SET /P reqID=Enter the certificate request ID: 
SET /P saveAS=:Enter a unique name and extension for your certificate such as "EmailCert.crt" or "WebServer.crt": 
echo  Note: The certificate will be saved to C:\users\%username%\downloads\
echo.
echo.
certreq -retrieve %reqID% C:\users\%USERNAME%\downloads\%saveAS%
echo.
echo.
echo Your request was saved to C:\users\%USERNAME%\downloads\%saveAS%
echo.
echo.
pause
GOTO:Start

:ItemFour
cls
GOTO:Start


:ItemFive
Exit

CertRequestV2.bat

@echo off
REM: Created 02 December 2014 - JBall - johnDball@johnDball.com
cls
echo.
echo                   ///////////////////////////////////////
echo                   ////          John Ball            ////
echo                   ////       www.johndball.com       ////
echo                   ////   Certificate Retrieval Tool  ////
echo                   ////          Revision 2           ////
echo                   ///////////////////////////////////////
echo.
echo.
:StartProcess
SET /P reqID=Enter the certificate request ID: 
SET /P saveAS=:Enter a unique name and extension for your certificate such as "EmailCert.crt" or "WebServer.crt": 
echo.
echo.
certreq -retrieve %reqID% C:\users\%USERNAME%\downloads\%saveAS%
echo.
echo.
echo Your request was saved to C:\users\%USERNAME%\downloads\%saveAS%
echo.
echo.
pause
exit

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.