When one needs to add an extra certificate to a certificate bundle, the first idea might be something like this:
Termnalcat example.pem >> /etc/ssl/certs/ca-bundle.crt
And that will work - if you are a root user. However, if you are just a sudoer, or God-forbid a cloud-user, you might find yourself up the creek without a paddle.
You see, sudo won't simply do as it operates on the source and not the destination:
Termnalsudo cat example.pem >> /etc/ssl/certs/ca-bundle.crt
-bash: /etc/ssl/certs/ca-bundle.crt: Permission denied
You might want to play with tee, but depending on your exact permissions that might fail also.
Termnalcat example.pem | sudo tee -a /etc/ssl/certs/ca-bundle.crt
However, one command that never fails is vi as it has quite a lot of code to work out writing to read-only files. And conveniently, we can script it too:
Termnalsudo ex +"r /opt/install/ca.pem" -scwq! /etc/ssl/certs/ca-bundle.crt
Yep, we essentially start vi, read the extra content into it, and then force-save it all.