M0ses/import_pem

## import_pem
#!/usr/bin/env perl

use strict;
use warnings;
use Data::Dumper;

my $host = $ARGV[0];
my $port = $ARGV[1] || 443;
my $export_file = $ARGV[2] || "/etc/pki/trust/anchors/$host.pem";

die "You must be root to run this script\n" if ($>);
die "No host given\nUsage: $0 <host> [port] [export_file]\n" if not $host;

my @out = `echo Q|openssl s_client -showcerts -connect $host:$port`;

my $cnt = 0;
my $in = 0;
my @certs;
foreach my $line (@out) {
  $in =1 if ($line eq "-----BEGIN CERTIFICATE-----\n") {
  $certs[$cnt] .=  $line if ($in);
  if ($line eq "-----END CERTIFICATE-----\n") {
    $in=0;
    $cnt++;
  }
}

open(my $fh, '>', $export_file);
print $fh $_ for @certs;
close $fh;
system("update-ca-certificates");
exit 0;
	#!/usr/bin/env perl

	use strict;
	use warnings;
	use Data::Dumper;

	my $host = $ARGV[0];
	my $port = $ARGV[1] \|\| 443;
	my $export_file = $ARGV[2] \|\| "/etc/pki/trust/anchors/$host.pem";

	die "You must be root to run this script\n" if ($>);
	die "No host given\nUsage: $0 <host> [port] [export_file]\n" if not $host;

	my @out = `echo Q\|openssl s_client -showcerts -connect $host:$port`;

	my $cnt = 0;
	my $in = 0;
	my @certs;
	foreach my $line (@out) {
	$in =1 if ($line eq "-----BEGIN CERTIFICATE-----\n") {
	$certs[$cnt] .= $line if ($in);
	if ($line eq "-----END CERTIFICATE-----\n") {
	$in=0;
	$cnt++;
	}
	}

	open(my $fh, '>', $export_file);
	print $fh $_ for @certs;
	close $fh;
	system("update-ca-certificates");
	exit 0;