nchebrov/stellars-jupyterhub-ds
1
0
Fork 0
mirror of https://github.com/stellarshenson/stellars-jupyterhub-ds.git synced 2026-03-08 06:00:29 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
da6cb127d8aebceeaeda8d8f4205dc989ec4f039
stellars-jupyterhub-ds/extra/certs-installer/install_cert.bat
stellarshenson 988cebf9f1 chore: enhance certs-installer with folder param and help 
- Add optional directory argument to install_cert.sh and install_cert.bat
- Add -h/--help flags showing usage, file types, and examples
- Display scanning directory in output
- Increase logo height to 2.25rem
2026-01-07 03:44:31 +01:00

185 lines
6.3 KiB
Batchfile
Executable File
Raw Blame History

@echo off
setlocal enabledelayedexpansion
REM Check for help flag
if "%~1"=="-h" goto :show_help
if "%~1"=="--help" goto :show_help
if "%~1"=="/?" goto :show_help
REM Optional argument: folder to search for certificates (default: current directory)
set "CERT_DIR=%~1"
if "%CERT_DIR%"=="" set "CERT_DIR=."
REM Check if directory exists
if not exist "%CERT_DIR%\" (
echo Error: Directory '%CERT_DIR%' not found.
echo Use --help for usage information.
pause
exit /b 1
)
echo ============================================
echo Certificate Installer - Root Trust Store
echo ============================================
echo.
echo Scanning directory: %CERT_DIR%
echo.
echo WARNING: This script installs certificates
echo into your Trusted Root Certification
echo Authorities store.
echo.
echo This is intended for custom self-signed
echo certificates from TRUSTED sources only.
echo.
echo *** INSTALLING UNKNOWN CERTIFICATES IS ***
echo *** EXTREMELY DANGEROUS! ***
echo.
echo A malicious root certificate can allow
echo attackers to intercept ALL your encrypted
echo traffic, including passwords, banking,
echo and personal data.
echo.
echo Only proceed if you know and trust the
echo source of these certificates!
echo ============================================
echo.
set /p "proceed=Do you want to continue? (Y/N): "
if /i not "%proceed%"=="Y" (
echo Aborted.
pause
exit /b
)
echo.
echo Scanning for certificate and key files...
echo.
set "found=0"
set "certcount=0"
set "keycount=0"
for %%F in ("%CERT_DIR%\*.cer" "%CERT_DIR%\*.crt" "%CERT_DIR%\*.pem" "%CERT_DIR%\*.der" "%CERT_DIR%\*.key" "%CERT_DIR%\*.p12" "%CERT_DIR%\*.pfx") do (
set "found=1"
echo --------------------------------------------
echo File: %%F
echo --------------------------------------------
REM Create temp PowerShell script for reliable execution
(
echo $file = '%%F'
echo $ext = [System.IO.Path]::GetExtension^($file^).ToLower^(^)
echo $content = Get-Content $file -Raw -ErrorAction SilentlyContinue
echo.
echo # Check for private key patterns
echo $isKey = $false
echo if ^($ext -eq '.key'^) { $isKey = $true }
echo elseif ^($content -match '-----BEGIN ^(RSA ^|EC ^|ENCRYPTED ^|^)PRIVATE KEY-----'^) { $isKey = $true }
echo elseif ^($content -match '-----BEGIN OPENSSH PRIVATE KEY-----'^) { $isKey = $true }
echo.
echo if ^($isKey^) {
echo Write-Host '[PRIVATE KEY] - Skipping ^(not a certificate^)' -ForegroundColor Yellow
echo Write-Host 'Type: Private Key file'
echo exit 1
echo }
echo.
echo # Check for PKCS#12/PFX files
echo if ^($ext -eq '.p12' -or $ext -eq '.pfx'^) {
echo Write-Host '[PKCS#12/PFX] - Contains certificate + private key bundle' -ForegroundColor Yellow
echo Write-Host 'Note: Use certutil or MMC to import PFX files with private keys'
echo exit 2
echo }
echo.
echo # Try to load as certificate
echo try {
echo $cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2^($file^)
echo Write-Host '[CERTIFICATE]' -ForegroundColor Green
echo Write-Host 'Subject ^(CN^):' $cert.Subject
echo Write-Host 'Issuer:' $cert.Issuer
echo Write-Host 'Valid From:' $cert.NotBefore
echo Write-Host 'Valid To:' $cert.NotAfter
echo Write-Host 'Thumbprint:' $cert.Thumbprint
echo $san = $cert.Extensions ^| Where-Object { $_.Oid.FriendlyName -eq 'Subject Alternative Name' }
echo if ^($san^) { Write-Host 'SANs:' $san.Format^(1^) } else { Write-Host 'SANs: ^(none^)' }
echo exit 0
echo } catch {
echo Write-Host '[UNKNOWN/INVALID] - Could not parse as certificate' -ForegroundColor Red
echo Write-Host 'Error:' $_.Exception.Message
echo exit 3
echo }
) > "%TEMP%\certcheck.ps1"
powershell -ExecutionPolicy Bypass -File "%TEMP%\certcheck.ps1"
set "exitcode=!errorlevel!"
echo.
REM Only prompt for installation if it's a valid certificate (exit code 0)
if "!exitcode!"=="0" (
set /p "confirm=Install this certificate to Trusted Root store? (Y/N): "
if /i "!confirm!"=="Y" (
echo Installing %%F...
powershell -Command "Import-Certificate -FilePath '%%F' -CertStoreLocation Cert:\CurrentUser\Root" >nul 2>&1
if !errorlevel! equ 0 (
echo [SUCCESS] Certificate installed.
set /a "certcount+=1"
) else (
echo [ERROR] Failed to install certificate. Try running as Administrator.
)
) else (
echo Skipped %%F
)
) else if "!exitcode!"=="1" (
set /a "keycount+=1"
echo [Skipped - Private key]
) else if "!exitcode!"=="2" (
echo [Skipped - Use different tool for PFX import]
) else (
echo [Skipped - Invalid or unrecognized file]
)
echo.
)
REM Cleanup temp file
del "%TEMP%\certcheck.ps1" 2>nul
if "!found!"=="0" (
echo No certificate or key files found in '%CERT_DIR%'.
echo Supported extensions: .cer, .crt, .pem, .der, .key, .p12, .pfx
)
echo ============================================
echo Summary:
echo Certificates installed: !certcount!
echo Private keys found (skipped): !keycount!
echo ============================================
echo.
echo Done.
pause
exit /b
:show_help
echo Certificate Installer - Install certificates to Windows trust store
echo.
echo Usage: install_cert.bat [OPTIONS] [DIRECTORY]
echo.
echo Arguments:
echo DIRECTORY Folder to search for certificates (default: current directory)
echo.
echo Options:
echo -h, --help, /? Show this help message and exit
echo.
echo Supported file types:
echo .cer, .crt, .pem, .der - X.509 certificates (will be installed)
echo .key - Private keys (skipped)
echo .p12, .pfx - PKCS#12 bundles (skipped - use different tool)
echo.
echo Examples:
echo install_cert.bat # Scan current directory
echo install_cert.bat C:\path\to\certs # Scan specific directory
echo install_cert.bat .\my-certs # Scan relative path
echo.
echo Note: May require Administrator privileges for system-wide installation.
pause
exit /b
Reference in New Issue View Git Blame Copy Permalink