
How to save a remote server SSL certificate locally as a file

I need to download an SSL certificate of a remote server (not HTTPS, but the SSL handshake should be the same as Google Chrome / IE / wget and curl all give certificate check fail errors) and add the certificate as trusted in my laptop's Windows certificate store since I am not able to get my IT guys to give me the CA cert.

Asked by: Guest | Views: 244
Total answers/comments: 5
Guest [Entry]

"If you have access to OpenSSL, try

openssl s_client -connect {HOSTNAME}:{PORT} -showcerts

replacing {HOSTNAME} and {PORT} with whatever your values are."
Guest [Entry]

"To be honest, I have never tried this before (never needed to) however, I have just tried in Firefox and it seems to work for saving:

Click on the SSL certificate icon at the top / Padlock at the bottom.
Click View Certificate
Click on the Details Tab
Choose which certificate you want from the hierarchy [not circled in picture]
Click Export"
Guest [Entry]

"automated

-servername was required for me to get the right cert from the virtual host on our server.

openssl s_client -showcerts -connect host.name.com:443 -servername host.name.com </dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > host.name.com.pem

You may also convert to a certificate for desktop

openssl x509 -inform PEM -in host.name.com.pem -outform DER -out host.name.com.cer

The last part is to add it to your certs, not sure on Windows.
For Mac keychain I used the following, should be similar...

sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain host.name.com.cer"
Guest [Entry]

"This will give the results containing the certificates only
echo QUIT | \
openssl s_client -showcerts -connect hostname:port | \
awk '/-----BEGIN CERTIFICATE-----/ {p=1}; p; /-----END CERTIFICATE-----/ {p=0}'"
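
Added example, not part of any answer on this page: the sed and awk pipelines above write every certificate that -showcerts prints into one stream, while `openssl x509 -in` reads only the first certificate in a file. This sketch splits the chain into one file per certificate so each can be inspected, and its SHA-256 fingerprint compared with one obtained out of band, before anything is added to a trust store; the function names and the sample handshake text are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the answers). Function names are hypothetical.

# Constructed stand-in for `openssl s_client -showcerts` output; the two
# bodies are placeholders, not real certificates.
sample_s_client_output() {
    cat <<'EOF'
CONNECTED(00000003)
---
Certificate chain
 0 s:CN = host.name.com
   i:CN = Example Internal CA
-----BEGIN CERTIFICATE-----
CONSTRUCTEDLEAFBODYnotARealCertificate
-----END CERTIFICATE-----
 1 s:CN = Example Internal CA
   i:CN = Example Internal CA
-----BEGIN CERTIFICATE-----
CONSTRUCTEDCABODYnotARealCertificate
-----END CERTIFICATE-----
---
Server certificate
subject=CN = host.name.com
EOF
}

# split_chain PREFIX: read s_client output on stdin, write PREFIX-1.pem,
# PREFIX-2.pem, ... (1 = server certificate, then the CAs the server sent),
# and print how many certificates were written.
split_chain() {
    awk -v prefix="$1" '
        /-----BEGIN CERTIFICATE-----/ { n++; out = prefix "-" n ".pem"; p = 1 }
        p { print > out }
        /-----END CERTIFICATE-----/ { if (p) close(out); p = 0 }
        END { print n + 0 }
    '
}

# describe_cert FILE: show who the certificate is for, who issued it, its
# validity window and its SHA-256 fingerprint. Compare the fingerprint with
# one obtained out of band before adding FILE to any trust store.
describe_cert() {
    openssl x509 -in "$1" -noout -subject -issuer -dates -fingerprint -sha256
}

# Real use, with the placeholder host from the answer above (needs network):
#   openssl s_client -showcerts -connect host.name.com:443 \
#       -servername host.name.com </dev/null | split_chain host.name.com
#   describe_cert host.name.com-1.pem
```

A self-signed server certificate shows the same subject and issuer in `describe_cert`; otherwise the issuer line names the CA whose certificate would have to be trusted instead.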
Guest [Entry]

"Found a much easier way if on Windows. Tried Microsoft Edge (pre-chromium) and clicked on the lock in the address bar -> View certificate
Dialog pops up with an "Export to File" button, which saves it as a .crt file.

Not much I'd use Edge for, but this was a piece of cake."