use std::io::Write;
#[tokio::main]
async fn main() -> Result<(), Box<dyn std::error::Error>> {
let args: Vec<String> = std::env::args().collect();
if args.len() < 2 {
eprintln!("Usage: {} <server:port>", args[0]);
std::process::exit(1);
}
let server_addr = &args[1];
println!("Extracting certificate chain from {}...\n", server_addr);
let output = std::process::Command::new("openssl")
.args(&["s_client", "-connect", server_addr, "-showcerts"])
.stdin(std::process::Stdio::null())
.output()?;
let output_str = String::from_utf8_lossy(&output.stdout);
let cert_count = output_str.matches("-----BEGIN CERTIFICATE-----").count();
println!("Found {} certificate(s) in the chain:\n", cert_count);
let chain_file = "takserver_chain.pem";
let mut file = std::fs::File::create(chain_file)?;
let mut in_cert = false;
for line in output_str.lines() {
if line.contains("-----BEGIN CERTIFICATE-----") {
in_cert = true;
}
if in_cert {
writeln!(file, "{}", line)?;
}
if line.contains("-----END CERTIFICATE-----") {
in_cert = false;
}
}
println!("✓ Saved full certificate chain to: {}\n", chain_file);
println!("Now run your example with:");
println!(" cargo run --example trust_server_cert --features openssl-p12 -- \\");
println!(" {} <server_name> <p12_file> <password> {}", server_addr, chain_file);
Ok(())
}