Appending to Certificate Bundle
When one needs to add an extra certificate to a certificate bundle, the first idea might be something like this:
cat example.pem >> /etc/ssl/certs/ca-bundle.crtAnd that will work - if you are a root user. However, if you are just a sudoer, or God-forbid a cloud-user, you might find yourself up the creek without a paddle.
You see, sudo won’t simply do as it operates on the source and not the destination:
sudo cat example.pem >> /etc/ssl/certs/ca-bundle.crt
-bash: /etc/ssl/certs/ca-bundle.crt: Permission deniedYou might want to play with tee, but depending on your exact permissions that might fail also.
cat example.pem | sudo tee -a /etc/ssl/certs/ca-bundle.crtHowever, one command that never fails is vi as it has quite a lot of code to work out writing to read-only files. And conveniently, we can script it too:
sudo ex +"r /opt/install/ca.pem" -scwq! /etc/ssl/certs/ca-bundle.crtYep, we essentially start vi, read the extra content into it, and then force-save it all.