Hello,
I have a problem when I try to do a https request via utl_http.
Database version is
SYS@tcp_iig9_test> select * from v$version;
BANNER
-----------------------------------------------------------------------
Oracle Database 11g Enterprise Edition Release 11.2.0.1.0 - Production
PL/SQL Release 11.2.0.1.0 - Production
CORE 11.2.0.1.0 Production
TNS for 32-bit Windows: Version 11.2.0.1.0 - Production
NLSRTL Version 11.2.0.1.0 - Production
The database is running on a Windows Server 2008 32 bit Standard SP2.
I create a simple wallet using
orapki on the database server the following way
c:\> orapki wallet create -wallet wallet-client -auto_login
the wallet is created successfully, I have the ewallet.e12 file and a cwallet.sso file in the wallet-client directory:
C:\wallet-client>dir
Volume in drive C is System
Volume Serial Number is 5C03-B54D
Directory of C:\wallet-client
10/11/2010 01:58 AM <DIR> .
10/11/2010 01:58 AM <DIR> ..
10/11/2010 01:58 AM 3,589 cwallet.sso
10/11/2010 01:58 AM 3,512 ewallet.p12
2 File(s) 7,101 bytes
2 Dir(s) 475,807,744 bytes free
Just to be sure I opened the wallet with the wallet manager successfully.
after that I want to do a request with the following code:
SYS@tcp_iig9_test> r
1 declare
2 vReq varchar2(2000);
3 begin
4 utl_http.set_wallet('file:c:\wallet-client', '<pwd>');
5 vReq := utl_http.request('https://supporthtml.oracle.com');
6* end;
declare
*
ERROR at line 1:
ORA-29273: HTTP request failed
ORA-06512: at "SYS.UTL_HTTP", line 1722
ORA-28759: failure to open file
ORA-06512: at line 5
Note that I do not care if the certificate chain is OK at this time (the root certificate of the oracle support portal would be from verisign which is in the wallet btw.).
same thing happens if I pass the path to the wallet directly to
utl_http.request :
SYS@tcp_iig9_test> r
1 declare
2 vReq varchar2(2000);
3 begin
4 vReq := utl_http.request('https://supporthtml.oracle.com', null, 'file:c:/wallet-client', '<pwd>');
5* end;
declare
*
ERROR at line 1:
ORA-29273: HTTP request failed
ORA-06512: at "SYS.UTL_HTTP", line 1722
ORA-28759: failure to open file
ORA-06512: at line 4
To add: I created ACL's like here:
http://www.morganslibrary.org/reference/dbms_network_acl_admin.html
and after the ACL's where created correctly I ended up with the above error.
To exclude this has anything to do with Network ACL's I tested the whole stuff with the sys user (as seen above) - the error persists.
When searching the documentation for ORA-28759 I get here: http://download.oracle.com/docs/cd/B28359_01/network.111/b28530/asossl.htm#ASOAG9698
Which begs the question: what has this to do with SQL*Net SSL authentication? Anyway; I added the WALLET_PATH to my sqlnet.ora on the server just to be sure:
WALLET_LOCATION =
(SOURCE=(METHOD=FILE)(METHOD_DATA=(DIRECTORY=c:\wallet-info)))
which resulted in exactly the same behaviour (yes I did bounce the listener and the oracle service just to be sure)...
A google search came back with the same advice: add the correct WALLET_LOCATION to your sqlnet.ora for version 10.2.x. Just to add: I tested the same thing on 10.2.0.4 WITHOUT adding WALLET_LOCATION to the sqlnet.ora successfully, so I am really wondering what I am missing here.
Yes, I do have read / write privilages to the directory (to test I wrote a file using
utl_file ), yes I am darn sure I passed the correct password for the wallet, and yes I am darn sure the wallet is correct (as said I opened it successfully using wallet manager).
Did anyone encounter a similar issue?
cheers