I brushed the dust off of some old certificate scripts that I wrote back in 2014 for a project I needed today. Check em out. You can submit CSRs to a CA, approve, and retrieve all in one screen.
You can download the two scripts here (zip file). Details of the files are below.
CertRequestAndRetrieveV2.bat
@echo off REM: Created 02 December 2014 - JBall - johnDball@johnDball.com REM: Updated 10 December 2014 - JBall - johnDball@johnDball.com cls echo. echo /////////////////////////////////////// echo //// John Ball //// echo //// www.johndball.com //// echo //// Certificate Tool //// echo //// Revision 2 //// echo /////////////////////////////////////// echo. echo. :Start echo 1=Submit a request with a CSR echo 2=Approve a request (requires CA Manager rights) echo 3=Retrieve a previously approved certificate echo 4=Start over echo 5=Exit this program echo. CHOICE /C 12345 /M "Which certificate task would you like to complete?" :: Note - list ERRORLEVELS in decreasing order IF ERRORLEVEL 5 GOTO ItemFive IF ERRORLEVEL 4 GOTO ItemFour IF ERRORLEVEL 3 GOTO ItemThree IF ERRORLEVEL 2 GOTO ItemTwo IF ERRORLEVEL 1 GOTO ItemOne IF :ItemOne :StartProcess SET /P Attribute=Enter the certificate template name here: SET /P SubmitFile=Enter the FULL path to the certificate signing request here (no qutoations around path): echo. echo. certreq -submit -attrib "CertificateTemplate:%Attribute%" "%Submitfile%" echo. echo. pause GOTO:Start :ItemTwo :StartProcess SET /P RequestID=Enter the certificate request ID here: SET /P CAServer=Enter the CA server here in the form of CAServerShortName\DomainName-CAServerShortName-CA: echo. echo. certutil -resubmit -config %CAServer% %RequestID% echo. echo. pause GOTO:Start :ItemThree :StartProcess SET /P reqID=Enter the certificate request ID: SET /P saveAS=:Enter a unique name and extension for your certificate such as "EmailCert.crt" or "WebServer.crt": echo Note: The certificate will be saved to C:\users\%username%\downloads\ echo. echo. certreq -retrieve %reqID% C:\users\%USERNAME%\downloads\%saveAS% echo. echo. echo Your request was saved to C:\users\%USERNAME%\downloads\%saveAS% echo. echo. pause GOTO:Start :ItemFour cls GOTO:Start :ItemFive Exit
CertRequestV2.bat
@echo off REM: Created 02 December 2014 - JBall - johnDball@johnDball.com cls echo. echo /////////////////////////////////////// echo //// John Ball //// echo //// www.johndball.com //// echo //// Certificate Retrieval Tool //// echo //// Revision 2 //// echo /////////////////////////////////////// echo. echo. :StartProcess SET /P reqID=Enter the certificate request ID: SET /P saveAS=:Enter a unique name and extension for your certificate such as "EmailCert.crt" or "WebServer.crt": echo. echo. certreq -retrieve %reqID% C:\users\%USERNAME%\downloads\%saveAS% echo. echo. echo Your request was saved to C:\users\%USERNAME%\downloads\%saveAS% echo. echo. pause exit