diff --git a/kmip/services/kmip_client.py b/kmip/services/kmip_client.py index bf1b1b8e..982d4647 100644 --- a/kmip/services/kmip_client.py +++ b/kmip/services/kmip_client.py @@ -285,16 +285,16 @@ def open(self): six.reraise(*last_error) def _create_socket(self, sock): - with ssl.SSLContext() as ctx: - self.socket = ctx.wrap_socket( - sock, - keyfile=self.keyfile, - certfile=self.certfile, - cert_reqs=self.cert_reqs, - ssl_version=self.ssl_version, - ca_certs=self.ca_certs, - do_handshake_on_connect=self.do_handshake_on_connect, - suppress_ragged_eofs=self.suppress_ragged_eofs) + context = ssl.create_default_context() + self.socket = context.wrap_socket( + sock, + keyfile=self.keyfile, + certfile=self.certfile, + cert_reqs=self.cert_reqs, + ssl_version=self.ssl_version, + ca_certs=self.ca_certs, + do_handshake_on_connect=self.do_handshake_on_connect, + suppress_ragged_eofs=self.suppress_ragged_eofs) self.socket.settimeout(self.timeout) def __del__(self): diff --git a/kmip/services/server/server.py b/kmip/services/server/server.py index e32abad3..bd1485fa 100644 --- a/kmip/services/server/server.py +++ b/kmip/services/server/server.py @@ -287,19 +287,19 @@ def interrupt_handler(trigger, frame): for cipher in auth_suite_ciphers: self._logger.debug(cipher) - with ssl.SSLContext() as ctx: - self._socket = ctx.wrap_socket( - self._socket, - keyfile=self.config.settings.get('key_path'), - certfile=self.config.settings.get('certificate_path'), - server_side=True, - cert_reqs=ssl.CERT_REQUIRED, - ssl_version=self.auth_suite.protocol, - ca_certs=self.config.settings.get('ca_path'), - do_handshake_on_connect=False, - suppress_ragged_eofs=True, - ciphers=self.auth_suite.ciphers - ) + context = ssl.create_default_context() + self._socket = context.wrap_socket( + self._socket, + keyfile=self.config.settings.get('key_path'), + certfile=self.config.settings.get('certificate_path'), + server_side=True, + cert_reqs=ssl.CERT_REQUIRED, + ssl_version=self.auth_suite.protocol, + ca_certs=self.config.settings.get('ca_path'), + do_handshake_on_connect=False, + suppress_ragged_eofs=True, + ciphers=self.auth_suite.ciphers + ) try: self._socket.bind(