Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/usr/bin/env perl
- use strict;
- use warnings;
- use Data::Dumper;
- my $host = $ARGV[0];
- my $port = $ARGV[1] || 443;
- my $export_file = $ARGV[2] || "/etc/pki/trust/anchors/$host.pem";
- die "You must be root to run this script\n" if ($>);
- die "No host given\nUsage: $0 <host> [port] [export_file]\n" if not $host;
- my @out = `echo Q|openssl s_client -showcerts -connect $host:$port`;
- my $cnt = 0;
- my $in = 0;
- my @certs;
- foreach my $line (@out) {
- $in =1 if ($line eq "-----BEGIN CERTIFICATE-----\n") {
- $certs[$cnt] .= $line if ($in);
- if ($line eq "-----END CERTIFICATE-----\n") {
- $in=0;
- $cnt++;
- }
- }
- open(my $fh, '>', $export_file);
- print $fh $_ for @certs;
- close $fh;
- system("update-ca-certificates");
- exit 0;
Add Comment
Please, Sign In to add comment