Revert SSL context creation to avoid blocking I/O at runtime and add TODO comment

Copilot · iMicknl · Copilot · commit 33afeebf55ad · 2026-01-01T21:30:42.000Z
Co-authored-by: iMicknl &lt;1424596+iMicknl@users.noreply.github.com&gt;
diff --git a/pyoverkiz/client.py b/pyoverkiz/client.py
@@ -166,8 +166,12 @@ def __init__(
         if self.server_config.type == APIType.LOCAL and verify_ssl:
             # To avoid security issues while authentication to local API, we add the following authority to
             # our HTTPS client trust store: https://ca.overkiz.com/overkiz-root-ca-2048.crt
-            # Create a new SSL context to avoid mutating the shared global context
-            self._ssl = _create_local_ssl_context()
+            # Create a copy of the SSL context to avoid mutating the shared global context
+            self._ssl = ssl.SSLContext(SSL_CONTEXT_LOCAL_API.protocol)
+            self._ssl.load_verify_locations(
+                cafile=os.path.dirname(os.path.realpath(__file__))
+                + "/overkiz-root-ca-2048.crt"
+            )
 
             # Disable strict validation introduced in Python 3.13, which doesn't
             # work with Overkiz self-signed gateway certificates
diff --git a/pyoverkiz/utils.py b/pyoverkiz/utils.py
@@ -37,7 +37,7 @@ def create_server_config(
     configuration_url: str | None = None,
 ) -> ServerConfig:
     """Generate server configuration with the provided endpoint and metadata."""
-    # ServerConfig.__init__ handles the enum conversion, but mypy doesn't recognize
+    # TODO fix: ServerConfig.__init__ handles the enum conversion, but mypy doesn't recognize
     # this due to attrs @define decorator generating __init__ with stricter signatures,
     # so we need type: ignore comments.
     return ServerConfig(
