add ability to trust any number of certs at once, also add ability to trust entire user-provided bundle at once

preload.py

@@ -1,2 +1,4 @@
 def preload(parser):
 	parser.add_argument("--self-sign", action='store_true', help="Trust a provided key/certificate pair passed using --tls-certfile and --tls-keyfile", default=None)
+	parser.add_argument("--autotls-certs", nargs='+', help="Trust one or more given certificates Ex. --certs cert1.cert cert2.cert", default=None)
+	parser.add_argument("--autotls-bundle", help="Pass an entire trust store/bundle to python", default=None)

scripts/auto_tls.py

@@ -13,9 +13,14 @@ def setup_bundle(cert):
 	certifi_bundle = open(certifi.where())
 	wui_bundle = open(wui_bundle_name, "w")
 
-	# merge user cert with certifi bundle into an intermediary webui bundle
+	# merge user cert(s) with certifi bundle into an intermediary webui bundle
 	wui_bundle.write(certifi_bundle.read())
 	wui_bundle.write(cert.read())
+	if cmd_opts.autotls_certs is not None:
+		for c in cmd_opts.autotls_certs:
+			c = open(c)
+			wui_bundle.write(c.read())
+			c.close()
 
 	# cleanup
 	cert.close()
@@ -50,7 +55,7 @@ if not cmd_opts.self_sign:
 else:
 	try:
 		if not os.path.exists(cmd_opts.tls_keyfile):
-			print(f"Invalid path to TLS certfile: '{cmd_opts.tls_keyfile}'")
+			print(f"Invalid path to TLS keyfile: '{cmd_opts.tls_keyfile}'")
 		if not os.path.exists(cmd_opts.tls_certfile):
 			print(f"Invalid path to TLS certfile: '{cmd_opts.tls_certfile}'")
 	except TypeError as e:
@@ -58,5 +63,8 @@ else:
 		print("TLS components missing or invalid.")
 		raise e
 
+if cmd_opts.autotls_bundle is not None:
+	os.environ['REQUESTS_CA_BUNDLE'] = cmd_opts.autotls_bundle
+else:
 	setup_bundle(cmd_opts.tls_certfile)
 print('Certificate trust store ready')