diff --git a/journalpump/rsyslog.py b/journalpump/rsyslog.py
index 0bc6a20..7360ca7 100644
--- a/journalpump/rsyslog.py
+++ b/journalpump/rsyslog.py
@@ -108,11 +108,8 @@ def __init__(
         if protocol is None:
             protocol = "PLAINTEXT"
         if cacerts is not None or protocol == "SSL":
-            self.ssl_context = ssl.SSLContext(ssl.PROTOCOL_TLS)
+            self.ssl_context = ssl.create_default_context(cafile=cacerts)
             self.ssl_context.minimum_version = ssl.TLSVersion.TLSv1_2
-            self.ssl_context.verify_mode = ssl.CERT_REQUIRED
-            if cacerts:
-                self.ssl_context.load_verify_locations(cacerts)
             if certfile:
                 self.ssl_context.load_cert_chain(certfile, keyfile)