diff --git a/tools/ci-license-scan b/tools/ci-license-scan
index 29b92504a420664cafb541d1d904770e0f627ab2..453ecd5d179f206ea3c3434c92c5ebcdf0433a1e 100755
--- a/tools/ci-license-scan
+++ b/tools/ci-license-scan
@@ -388,6 +388,36 @@ def get_pattern_broadness(pattern):
     return pattern.count("*") + pattern.count("?")
 
 
+def propose_whitelist(license):
+    reason = None
+    if license.file.startswith("debian/"):
+        reason = "# debian metadata is not part of build artifacts\n"
+    elif license.file.startswith(("doc/", "docs/")):
+        reason = "# docs are not meant to be installed in target\n"
+    elif license.file.startswith(("test/", "tests/", "testsuite/")):
+        reason = "# tests are not meant to be installed in target\n"
+    elif license.file.startswith(("example/", "examples/")):
+        reason = "# examples are not meant to be installed in target\n"
+    elif license.file.startswith("m4/") or license.file.endswith(".m4"):
+        reason = "# preprocesor files are not meant to be installed in target\n"
+    elif license.file.startswith(("build/", "build-aux")) or license.file.endswith(
+        (".am", ".in", ".make")
+    ):
+        reason = "# build scripts are not meant to be installed in target\n"
+    else:
+        reason = "# PLEASE FILL THE REASON TO WHITELIST\n"
+    if reason:
+        with open("debian/apertis/copyright.whitelist", "a+") as f:
+            f.seek(0)
+            buf = f.read()
+            data = ""
+            if len(buf) and buf[-1] != "\n":
+                data += "\n"
+            data += reason
+            data += license.file + "\n"
+            f.write(data)
+
+
 def main():
     parser = argparse.ArgumentParser()
     parser.add_argument(
@@ -434,6 +464,11 @@ def main():
         default=["debian/apertis/copyright.whitelist"],
         help="extra file whitelist",
     )
+    parser.add_argument(
+        "--propose-whitelist",
+        action="store_true",
+        help="propose a whitelist in case of failure",
+    )
     args = parser.parse_args()
     print("%s fail on change" % ("Will" if args.fail_on_change else "Will not"))
     print(
@@ -599,9 +634,18 @@ def main():
         for license in sorted(unknown_licensed):
             print(f" UNKNOWN license entry found: {license}", file=sys.stderr)
             should_fail = args.fail_on_unknown
+            if args.propose_whitelist:
+                propose_whitelist(license)
         for license in sorted(bad_licenses):
             print(f" Blacklisted license entry found: {license}", file=sys.stderr)
+            if args.propose_whitelist:
+                propose_whitelist(license)
             should_fail = True
+        if args.propose_whitelist:
+            print(
+                "\nPROPOSED WHITELIST HAVE BEEN ADDED, PLEASE REVIEW THEM!!!\n",
+                file=sys.stderr,
+            )
         if should_fail:
             sys.exit(1)