We are trying to use the UTL_HTTP package in Oracle Database 11.2.0.4 and getting an error:
SQL> @/tmp/teste.sql
BEGIN
*
ERROR at line 1:
ORA-29273: HTTP request failed
ORA-06512: at "SYS.UTL_HTTP", line 1130
ORA-28860: Fatal SSL error
ORA-06512: at line 12
We created the wallet and imported the certificate:
mkdir -p $ORACLE_BASE/admin/$ORACLE_SID/wallet
orapki wallet create -wallet $ORACLE_BASE/admin/$ORACLE_SID/wallet -pwd <password>
orapki wallet add -wallet $ORACLE_BASE/admin/$ORACLE_SID/wallet -trusted_cert -pwd <password> -cert cert_cloud.crt
The content of the script:
BEGIN
DECLARE
http_req utl_http.req;
http_resp utl_http.resp;
-- Variaveis do perfil
w_pathWallet VARCHAR2(500) := 'file:$ORACLE_BASE/admin/$ORACLE_SID/wallet';
w_pwdWallet VARCHAR2(500) := '<password>';
BEGIN
Utl_Http.Set_Wallet(w_pathWallet, w_pwdWallet);
Utl_Http.set_transfer_timeout(300);
http_req := utl_http.begin_request( '<https webservice address>'
, 'POST'
, 'HTTP/1.1');
utl_http.set_authentication (http_req, '00454733','IC3R8T');
utl_http.set_header(http_req, 'Content-Type', 'application/xml; charset=utf-8');
http_resp := UTL_HTTP.get_response(http_req);
dbms_output.put_line('HTTP response status code: ' || http_resp.status_code);
dbms_output.put_line('HTTP response reason phrase: ' || http_resp.reason_phrase);
END;
END;
/
The same script successfully runs on databases 12cR2 and 19c.
We did some test monitoring with tcpdump and it seems to be some error in the handshake phase. The successful test on 12cR2 uses TLS v1.2, while the test with error on 11gR2 returns an error showing TLS v1.0
According to the notes we analyzed in the knowledge base, TLS v1.2 should be supported in Oracle Database 11.2.0.4 as long as the last PSU is applied (in this case we have PSU APR/2021).
Would 11.2.0.4 be unsupported working with TLS v1.2?
Does anyone have any suggestions for further investigation beyond the one mentioned?
Does anyone use UTL_HTTP on Oracle 11.2.0.4 with TLS v1.2?