From an Oracle database server I am attempting to query a remote REST service using APEX_WEB_SERVICE.MAKE_REST_REQUEST. The remote site is using HTTPS so I have created an Oracle wallet and added the remote sites CA certificate to the "trusted" certs in the wallet. Under typical conditions this is all that is required to access the resource if there is no authentication requirement by the REST endpoint.
THE PROBLEM:
In this case the remote site is requiring client certificate authentication and has issued a client certificate for my Oracle database server.
In the web tier of the remote REST service, the SSLVerifyClient parameter in the Tomcat file is configured to only allow the client with the certificate to access the service.
I've installed the client certificate as a "user" certificate in my Oracle wallet on the database server however it is not being presented to the remote server.
The error returned when executing the APEX_WEB_SERVICE.MAKE_REST_REQUEST call is:
ORA-29273: HTTP request failed
ORA-06512: at "APEX_200100.WWV_FLOW_WEB_SERVICES", line 1285
ORA-06512: at "APEX_200100.WWV_FLOW_WEB_SERVICES", line 924
ORA-29268: HTTP client error 403 - Forbidden
ORA-06512: at "SYS.UTL_HTTP", line 380
ORA-06512: at "SYS.UTL_HTTP", line 1148
Is there a different way that the client certificate should be configured on my Oracle database server so it will present the certificate when making the request?