DBA Tips Archive for Oracle | |

Using UTL_HTTP and an Oracle Wallet to Establish a Secure URL Connection (SSL) by Jeff Hunter, Sr. Database Administrator
Contents
* Introduction * Oracle Wallet * Capture SSL Site Certificate * Create Oracle Wallet * Import Certificate into the Oracle Wallet * Establish Encrypted Connection * About the Author
Introduction
This article describes the steps necessary to establish a secure URL connection (SSL) using the UTL_HTTP Oracle PL/SQL package and an Oracle Wallet. In order to fully demonstrate the required steps, I will be establishing a secure URL connection to the web site https://www.centos.org/ from within PL/SQL.
In order to establish a connection to a secure URL from an Oracle database server, the following tasks will need to be performed: * Capture all required certificates from the SSL site * Create an Oracle Wallet that is accessible on the database server * Import the required certificate(s) of the SSL site into the Oracle Wallet * Use the UTL_HTTP.SET_WALLET PL/SQL procedure before attempting to access the secure URL
An Oracle Wallet stores all of the encryption keys that the database can use and is required in order to access an SSL site using the UTL_HTTP PL/SQL package. Attempting to establish a secure URL connection without an Oracle wallet (and, of course, the required certificates from the SSL site) will result in the code throwing the Oracle error ORA-29024: Certificate validation failure: CONNECT scott/tiger SET serveroutput ON DECLARE HTTP_REQ UTL_HTTP.REQ; HTTP_RESP UTL_HTTP.RESP; URL_TEXT VARCHAR2(32767); BEGIN DBMS_OUTPUT.ENABLE(1000000); HTTP_REQ := UTL_HTTP.BEGIN_REQUEST('https://www.centos.org/');