Hello everyone,
I am struggling with a Certificate validation failure but hear me out first :) I am a dba and yesterday a developer asked me to help about a api call problem. I checked and link that they want to access is a https. So, I downloaded the only root certificate of the link and add it into wallet and the certificate is valid but I still got ora-29024. I searched support, community and google but couldn't find any thing. I tried this on different db servers (19c, 19.12, 19.15, 19.16) they all have the same error.
We do have a workaround but it really bothers me!
here is the link: https://api.onlineszamla.nav.gov.hu
here is a sample code:
declare
req utl_http.req;
begin
utl_http.set_wallet('file:/u01/app/oracle/fast_recovery_area/wallet', 'MyPassword');
req := utl_http.begin_request('https://api.onlineszamla.nav.gov.hu', 'POST');
end;
/
interesting point; if I remove "api." from the link (https://onlineszamla.nav.gov.hu) , it has a different root certificates and I am able to access to this link (https://onlineszamla.nav.gov.hu) if I added it into wallet. but https://api.onlineszamla.nav.gov.hu has different root certificate.
Only thing I can find out, inaccessible links root certificates has Unicode characters in it is subject:
Subject: CN=NetLock Arany (Class Gold) Főtanúsítvány,OU=Tanúsítványkiadók (Certification Services),O=NetLock Kft.,L=Budapest,C=HU
link without api prefix has no unicode characters in its subject and as I said, I am able to access it:
EMAIL=info@e-szigno.hu,CN=Microsec e-Szigno Root CA 2009,O=Microsec Ltd.,L=Budapest,C=HU
any idea or anyone had faced with this before? thanks.