I am attempting to use the OCI module for Python to connect to my Oracle OCI databases to retrieve a list of backups for the database. I have copied some code a colleague used to do another task with the database, and that code works for him but my code is returning the SSL error:
[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:992)
My colleague doesn't remember how he set up the old code so cannot help me troubleshoot. I haven't been able to find anything useful online to help me figure out why I have a certificate issue but previous code does not.
My code (redacted for security):
import oci
from oci.config import validate_config
config = {
"user":"myocidstring",
"fingerprint":"00:00:00:00",
"tenancy":"myocid",
"region":"us-sanjose-1",
"key_file":".\mylocalpemfile.pem",
"log_requests": False
}
# Initialize service client with default config file
database_client = oci.database.DatabaseClient(config)
backup_list = database_client.list_backups(database_id = 'mydatabaseocid', limit=10)
print(backup_list.data)
The error is happening at the line backup_list = database_client.list_backups(database_id = 'mydatabaseocid', limit=10)
What certificate is the OCI API expecting? Or is the issue caused by something else?
I tried everything from this similar question and none of those solutions worked for me.
After going back and forth with Oracle Support on this problem without any assistance from them, I worked more closely with my networking team to see if they could identify the issue. I was able to run my script on a virtual machine my team uses for development, but couldn't get the script to work on my own work computer, so we started there with troubleshooting to see if we could find a difference.
The solution that finally enabled me to stop getting the error above was to have the networking team bypass ZScaler SSL decryption for the OCI API URL, database.us-sanjose-1.oraclecloud.com. (I found that URL from my full error message while debugging.)