Run the following Python script to print out what certificate data was used to create the connection: ```python from urllib.parse import urlparse import ssl import socket def print_certificate_details(cert_info, source="direct SSL connection"): if not cert_info: print(f"No certificate information retrieved ({source}).") return print(f"\nCertificate Information (from {source}):") for key, value in cert_info.items(): if key in ['subject', 'issuer']: print(f" {key.capitalize()}:") # value is a tuple of RDNs (Relative Distinguished Names) # Each RDN is a tuple of AVAs (Attribute Value Assertions) # Each AVA is like (type, value_string) for rdn_sequence in value: for rdn_component in rdn_sequence: print(f" {rdn_component[0]}: {rdn_component[1]}") elif key == 'subjectAltName': print(f" Subject Alternative Names:") for san_type, san_value in value: print(f" {san_type}: {san_value}") elif key == 'OCSP': print(f" OCSP URIs:") for ocsp_uri in value: print(f" {ocsp_uri}") elif key == 'caIssuers': print(f" CA Issuers URIs:") for ca_issuer_uri in value: print(f" {ca_issuer_uri}") elif key == 'crlDistributionPoints': print(f" CRL Distribution Points:") for crl_uri in value: print(f" {crl_uri}") else: print(f" {key}: {value}") def get_cert_info_from_url(url): if not url.startswith('https://'): print(f"URL '{url}' is not HTTPS. SSL certificate information is not applicable.") return parsed_url = urlparse(url) hostname = parsed_url.hostname port = parsed_url.port or 443 if not hostname: print(f"Could not parse hostname from URL: {url}") return print(f"Attempting direct SSL connection to {hostname}:{port} for certificate details...") try: # Create a default SSL context for secure connection context = ssl.create_default_context() # Establish a regular socket connection with socket.create_connection((hostname, port), timeout=10) as direct_sock: # Wrap the socket with SSL/TLS with context.wrap_socket(direct_sock, server_hostname=hostname) as ssl_sock: # Retrieve the peer's certificate cert_direct = ssl_sock.getpeercert() print_certificate_details(cert_direct, source=f"direct SSL connection to {hostname}:{port}") except socket.gaierror as e: print(f"Address-related error connecting to {hostname}:{port} directly: {e}") except socket.timeout: print(f"Timeout connecting to {hostname}:{port} directly after 10 seconds.") except ConnectionRefusedError: print(f"Connection refused by {hostname}:{port} (direct connection).") except ssl.SSLCertVerificationError as e: print(f"SSL Certificate Verification Error for {hostname}:{port} (direct connection): {e.reason}") # In case of verification error, you might still want to try to get the cert for inspection try: cert_unverified = ssl_sock.getpeercert() print_certificate_details(cert_unverified, source=f"direct SSL connection to {hostname}:{port} (verification failed)") except Exception as e_unverified: print(f"Could not get certificate even with verification error: {e_unverified}") except ssl.SSLError as e: print(f"SSL Error for {hostname}:{port} (direct connection): {e}") except Exception as e_direct: print(f"An unexpected error occurred during direct SSL connection to {hostname}:{port}: {e_direct}") if __name__ == "__main__": target_url = input("Enter the HTTPS URL to check (e.g., https://www.google.com): ") while target_url: get_cert_info_from_url(target_url) target_url = input("Enter the HTTPS URL to check, or hit return to exit: ") print("No URL provided. Exiting.") ```