PYTHON-5014 Tests that use HTTPSConnection should only use stdlib ssl (#2053)

ShaneHarvey · web-flow · commit 6c9a20a49d37 · 2025-01-10T09:32:07.000-08:00
diff --git a/test/asynchronous/test_encryption.py b/test/asynchronous/test_encryption.py
@@ -98,7 +98,6 @@
     WriteError,
 )
 from pymongo.operations import InsertOne, ReplaceOne, UpdateOne
-from pymongo.ssl_support import get_ssl_context
 from pymongo.write_concern import WriteConcern
 
 _IS_SYNC = False
@@ -2879,15 +2878,8 @@ async def asyncSetUp(self):
     async def http_post(self, path, data=None):
         # Note, the connection to the mock server needs to be closed after
         # each request because the server is single threaded.
-        ctx: ssl.SSLContext = get_ssl_context(
-            CLIENT_PEM,  # certfile
-            None,  # passphrase
-            CA_PEM,  # ca_certs
-            None,  # crlfile
-            False,  # allow_invalid_certificates
-            False,  # allow_invalid_hostnames
-            False,  # disable_ocsp_endpoint_check
-        )
+        ctx = ssl.create_default_context(cafile=CA_PEM)
+        ctx.load_cert_chain(CLIENT_PEM)
         conn = http.client.HTTPSConnection("127.0.0.1:9003", context=ctx)
         try:
             if data is not None:
diff --git a/test/test_encryption.py b/test/test_encryption.py
@@ -95,7 +95,6 @@
     WriteError,
 )
 from pymongo.operations import InsertOne, ReplaceOne, UpdateOne
-from pymongo.ssl_support import get_ssl_context
 from pymongo.synchronous import encryption
 from pymongo.synchronous.encryption import Algorithm, ClientEncryption, QueryType
 from pymongo.synchronous.mongo_client import MongoClient
@@ -2861,15 +2860,8 @@ def setUp(self):
     def http_post(self, path, data=None):
         # Note, the connection to the mock server needs to be closed after
         # each request because the server is single threaded.
-        ctx: ssl.SSLContext = get_ssl_context(
-            CLIENT_PEM,  # certfile
-            None,  # passphrase
-            CA_PEM,  # ca_certs
-            None,  # crlfile
-            False,  # allow_invalid_certificates
-            False,  # allow_invalid_hostnames
-            False,  # disable_ocsp_endpoint_check
-        )
+        ctx = ssl.create_default_context(cafile=CA_PEM)
+        ctx.load_cert_chain(CLIENT_PEM)
         conn = http.client.HTTPSConnection("127.0.0.1:9003", context=ctx)
         try:
             if data is not None:
