package main

import (
	"crypto/tls"
	"crypto/x509"
	"encoding/pem"
	"fmt"
	"os"
)

func getcert(socket string) (*x509.Certificate, error){
	conn, err := tls.Dial("tcp", socket, &tls.Config{InsecureSkipVerify: true})
	if err != nil {
		return nil, err
	}
	defer conn.Close()
	return conn.ConnectionState().PeerCertificates[0], nil
}

func main() {
	for _, socket := range os.Args[1:] {
		cert, err := getcert(socket)
		if cert == nil {
			fmt.Fprintf(os.Stderr, "Could not get certificate for socket %q: %q\n", socket, err)
			os.Exit(1)
		}
		block := pem.Block{
			Type: "CERTIFICATE",
			Headers: map[string]string{"X-Socket": socket},
			Bytes: cert.Raw,
		}
		pem.Encode(os.Stdout, &block)
	}
}