Skip to Main Content

APEX

Announcement

For appeals, questions and feedback, please email oracle-forums_moderators_us@oracle.com

APEX_WEB_SERVICE and client certificates?

user54321Feb 18 2022

From an Oracle database server I am attempting to query a remote REST service using APEX_WEB_SERVICE.MAKE_REST_REQUEST. The remote site is using HTTPS so I have created an Oracle wallet and added the remote sites CA certificate to the "trusted" certs in the wallet. Under typical conditions this is all that is required to access the resource if there is no authentication requirement by the REST endpoint.

THE PROBLEM:
In this case the remote site is requiring client certificate authentication and has issued a client certificate for my Oracle database server.
In the web tier of the remote REST service, the SSLVerifyClient parameter in the Tomcat file is configured to only allow the client with the certificate to access the service.
I've installed the client certificate as a "user" certificate in my Oracle wallet on the database server however it is not being presented to the remote server.
The error returned when executing the APEX_WEB_SERVICE.MAKE_REST_REQUEST call is:

ORA-29273: HTTP request failed
ORA-06512: at "APEX_200100.WWV_FLOW_WEB_SERVICES", line 1285
ORA-06512: at "APEX_200100.WWV_FLOW_WEB_SERVICES", line 924
ORA-29268: HTTP client error 403 - Forbidden
ORA-06512: at "SYS.UTL_HTTP", line 380
ORA-06512: at "SYS.UTL_HTTP", line 1148

Is there a different way that the client certificate should be configured on my Oracle database server so it will present the certificate when making the request?

Comments
Post Details
Added on Feb 18 2022
0 comments
422 views