How to use self-signed certificate in Python3

Question

I've generated a self-signed certificate in Windows Server 2012 R2 [WSUS Server - 10.66.194.98] [Dec15.cer] and enabled SSL in all 'WSUS Administration' website. Now I want to use this in python code to contact with the server.

Dec15.cer

And I'm running into below error

ERROR: Host not reachable [HTTPSConnectionPool(host='10.66.194.98', port=8531): Max retries exceeded with url: /ApiRemoting30/WebService.asmx (Caused by SSLError(SSLError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:833)'),))]

This is what I tried.

wsusutil.exe configuressl 10.66.194.98

Then I copied the Dec15.cer to python root directory. and ran the below code

from requests import Session
from requests_ntlm import HttpNtlmAuth

user = 'administrator'
password = '******'
session = Session()
session.cert = session.verify = 'Dec15.cer'
# session.verify = False
session.auth = HttpNtlmAuth(user, password)
print(session.get("https://10.66.194.98:8531/ApiRemoting30",
              verify=session.verify,
              cert=session.cert))

Answer 1

While the certificate in question Dec15.cer is a self-signed certificate it does not have basic constraints CA:true:

$ openssl x509 -text -in Dec15.cer 
...
    X509v3 extensions:
        X509v3 Key Usage: 
            Key Encipherment, Data Encipherment
        X509v3 Extended Key Usage: 
            TLS Web Server Authentication

But, as I already said in a comment, the certificates given to the verify parameter in requests must be CA certificates, i.e. have basic constraints CA:true.