I'm trying to set up a server and client using websockets with TLS. I made a dummy cert with mkcert. I followed the basic setup on https://docs.python.org/3/library/ssl.html. But immediately I get some truststore error and I can't get rid of it. I am a Python novice and have 0 previous experience with SSL certification, so I am pretty lost. I am running LTSC Windows 10 with Python 3.14.2.

What I have tried:

```python
import os
os.environ["SSL_NO_TRUSTSTORE"] = "1"  # and "0" neither worked. Error stayed the same
```

Both on server and client, added "do_handshake_on_connect = False" to the wrap_socket(). Error stayed the same.

Checked that the certificates are being found by moving them. Immediately got a different error about no valid cert found, so pretty sure the path is correct.

The client has the same issue and practically the same error, so I assume it's something with my certificates or how Python is checking my certificates. But I can't seem to get it to even stop checking my certificates.

Thank you in advance for any help!
The code:

```python
import socket
import select
import env
import random
import string
import ssl

IP = env.IP
PORT = env.PORT

context = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
context.load_cert_chain('./SSL/server.pem', './SSL/server-key.pem')

# Create a socket
# socket.AF_INET - address family, IPv4, some other possible are AF_INET6, AF_BLUETOOTH, AF_UNIX
# socket.SOCK_STREAM - TCP, connection-based, socket.SOCK_DGRAM - UDP, connectionless, datagrams, socket.SOCK_RAW - raw IP packets
unsecure_server_socket = socket.socket(socket.AF_INET, socket.SOCK_STREAM)

# SO_ - socket option
# SOL_ - socket option level
# Sets REUSEADDR (as a socket option) to 1 on socket
unsecure_server_socket.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)

# Bind, so server informs operating system that it's going to use given IP and port
# For a server using 0.0.0.0 means to listen on all available interfaces, useful to connect locally to 127.0.0.1 and remotely to LAN interface IP
unsecure_server_socket.bind((IP, PORT))

# This makes server listen to new connections
unsecure_server_socket.listen()

server_socket = context.wrap_socket(unsecure_server_socket, server_side=True)
```

The error:

```
Traceback (most recent call last):
  File "C:\Server.py", line 34, in
    server_socket = context.wrap_socket(unsecure_server_socket, server_side=True)
  File "C:\Users\Name\AppData\Local\Programs\Python\Python314\Lib\site-packages\pip\_vendor\truststore\_api.py", line 130, in wrap_socket
    _verify_peercerts(ssl_sock, server_hostname=server_hostname)
    ~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "C:\Users\Name\AppData\Local\Programs\Python\Python314\Lib\site-packages\pip\_vendor\truststore\_api.py", line 311, in _verify_peercerts
    cert_bytes = _get_unverified_chain_bytes(sslobj)
  File "C:\Users\Name\AppData\Local\Programs\Python\Python314\Lib\site-packages\pip\_vendor\truststore\_api.py", line 311, in _get_unverified_chain_bytes
    unverified_chain = sslobj.get_unverified_chain() or ()
                       ~~~~~~~~~~~~~~~~~~~~~~~~~~~^^
  File "C:\Users\Name\AppData\Local\Programs\Python\Python314\Lib\ssl.py", line 1176, in get_unverified_chain
    chain = self._sslobj.get_unverified_chain()
            ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
AttributeError: 'NoneType' object has no attribute 'get_unverified_chain'
```
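
An added diagnostic, not part of the original post: the traceback shows `wrap_socket` being handled by pip's vendored `truststore` and failing because `self._sslobj` is `None`. This sketch reports which module defines the active `ssl.SSLContext` and, when it is the stdlib class, shows that a wrapped listening socket carries no TLS object while an accepted connection does. The function name, loopback endpoint and report keys are assumptions made for the example.

```python
import socket
import ssl


def probe_wrap_socket_states() -> dict:
    """Report which SSLContext class is active and when a TLS object exists."""
    report = {"sslcontext_module": ssl.SSLContext.__module__}
    if report["sslcontext_module"] != "ssl":
        # ssl.SSLContext has been replaced (for example by a truststore
        # injection); the probe below is only meaningful for the stdlib class.
        return report

    # No certificate is loaded: handshakes are disabled below, so none is needed.
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    raw = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    raw.settimeout(5)
    raw.bind(("127.0.0.1", 0))  # constructed test endpoint: loopback, free port
    raw.listen()

    listener = ctx.wrap_socket(raw, server_side=True, do_handshake_on_connect=False)
    client = socket.create_connection(listener.getsockname(), timeout=5)
    conn, _addr = listener.accept()
    try:
        # _sslobj is a CPython implementation detail (the attribute named in
        # the traceback): it holds the per-connection TLS state.
        report["listener_has_tls_object"] = listener._sslobj is not None
        report["accepted_has_tls_object"] = conn._sslobj is not None
        return report
    finally:
        conn.close()
        client.close()
        listener.close()


if __name__ == "__main__":
    for key, value in probe_wrap_socket_states().items():
        print(f"{key}: {value}")
```

Run it with the same interpreter and imports as the failing script; a `sslcontext_module` other than `ssl` means the context class was replaced before `ssl.SSLContext(...)` was called.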