From 2f400fccee729dc9dfdaf176a58f02d92f7aac48 Mon Sep 17 00:00:00 2001
From: "Peter J. Holzer" <hjp@hjp.at>
Date: Wed, 21 Dec 2022 10:03:13 +0100
Subject: [PATCH] Print SSLCertVerificationError if we get one

This also adds an option --verbose, but it doesn't actually do anything.
The error is alway reported.
---
 clients/report_tlscert | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/clients/report_tlscert b/clients/report_tlscert
index a81633c..9806431 100755
--- a/clients/report_tlscert
+++ b/clients/report_tlscert
@@ -11,6 +11,7 @@ import time
 import requests
 
 ap = argparse.ArgumentParser()
+ap.add_argument("--verbose", action="store_true")
 ap.add_argument("hostname")
 ap.add_argument("port", type=int, default=443, nargs="?")
 args = ap.parse_args()
@@ -28,7 +29,8 @@ with socket.create_connection((args.hostname, args.port)) as sock:
             cert = ssock.getpeercert()
             not_after = ssl.cert_time_to_seconds(cert["notAfter"])
             delta = not_after - now
-    except ssl.SSLCertVerificationError:
+    except ssl.SSLCertVerificationError as e:
+        print("got error %s; setting delta to 0", e)
         delta = 0
     report0.append({ "measure": "tls_cert_ttl", "unit": "s", "value": delta })