use create_default_context() to create context with sane defaults

bj00rn · bj00rn · commit 45d45d1be9b1 · 2025-06-18T09:35:39.000+02:00
diff --git a/src/publisher/mqtt_publisher.py b/src/publisher/mqtt_publisher.py
@@ -52,17 +52,17 @@ async def connect(self) -> None:
                 self.client.set_auth_credentials(username=self.configuration.mqtt_user)
 
         if self.transport_protocol.with_tls:
+            ssl_context = ssl.create_default_context()
             cert_uri = self.configuration.tls_server_cert_path
             LOG.debug(
                 f"Configuring network encryption and authentication options for MQTT using {cert_uri}"
             )
-            ssl_context = ssl.SSLContext()
             if cert_uri:
                 ssl_context.load_verify_locations(cafile=cert_uri)
                 ssl_context.check_hostname = False
             else:
                 LOG.debug(f"Custom certificate chain not provided, using default")
-                ssl_context = True  # Use default SSL context if no cert is provided
+
         else:
             ssl_context = None
         await self.client.connect(
