#!/usr/bin/env python3
import base64
import socket
import ssl

from cryptography import x509


def get_server_certificate(hostname, port=443):
    # context = ssl.create_default_context()
    context = ssl._create_unverified_context()

    with socket.create_connection((hostname, port)) as sock:
        with context.wrap_socket(sock, server_hostname=hostname) as ssock:
            cert = ssock.getpeercert(binary_form=True)
            return cert


if __name__ == "__main__":
    certificate = get_server_certificate("hatter.ink")
    # print(f"Certificate: {certificate}")
    print(base64.encodebytes(certificate).decode('utf-8'))
    cert = x509.load_der_x509_certificate(certificate)
    print(cert)
    print(cert.subject)
    print(cert.issuer)
    print(cert.not_valid_before_utc, ' --> ', cert.not_valid_after_utc)
    print("-" * 88)
    for ext in cert.extensions:
        print(ext.oid, ':', ext.value)