From bb1d61e2d942fdab265b77cf1c2c21974adfca97 Mon Sep 17 00:00:00 2001
From: Anael Mobilia <AnaelMobilia@users.noreply.github.com>
Date: Wed, 8 Apr 2020 11:40:41 +0200
Subject: [PATCH] Fix ssl.SSLCertVerificationError

If the certificate is already expired, the script crash.
Fix #286
---
 snmp/certificate.py | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/snmp/certificate.py b/snmp/certificate.py
index 8957b7c..e81502b 100755
--- a/snmp/certificate.py
+++ b/snmp/certificate.py
@@ -24,12 +24,14 @@ def get_certificate_data(domain, port=443):
     # 3 second timeout because Lambda has runtime limitations
     conn.settimeout(3.0)
 
+    ssl_info = None
     try:
         conn.connect((domain, port))
         error_msg = None
-    except ConnectionRefusedError as e:
+        ssl_info = conn.getpeercert()
+    except (ConnectionRefusedError, ssl.SSLCertVerificationError) as e:
         error_msg = e
-    ssl_info = conn.getpeercert()
+
     return ssl_info, error_msg