getpeercert(binary_form=False) method of ssl.SSLObject instance
Returns a formatted version of the data in the certificate provided
by the other end of the SSL channel.
Return None if no certificate was provided, {} if a certificate was
provided, but not validated.
Looking up the avenues available for validation sounds like a useful
rabbit hole. People must have been doing certificate pinning for
openssl connections for a long time.
