2

When accessing external webservices via HTTPS via the Oracle database you need to add the corresponding certificate to a database wallet to prevent a certificate validation error. When one creates an account at apex.oracle.com, one is able to access any external HTTPS webservice without the need to add certificates. So, Oracle seems to have some automated process in place to add the certificates when they are needed. My question is: How would you go about to do that? Or am I missing some "auto-add" feature?

asked Jan 5, 2023 at 10:46
6
  • Have you tried googling it ? Commented Jan 5, 2023 at 10:51
  • 1
    I did, but the results only show how to add certificates in general. Not how to do so automatically. Commented Jan 5, 2023 at 11:49
  • I thought you were providing the web services. Are you trying to use web services provided by others. Commented Jan 5, 2023 at 12:15
  • I am sorry for not being specific enough. I changed the question to more accurately describe my problem. Commented Jan 5, 2023 at 12:16
  • I'm afraid you'll need to write your own tool which works with orapki, and employs a tool like github.com/noxxi/p5-ssl-tools/blob/master/analyze-ssl.pl Commented Aug 26, 2024 at 9:03

1 Answer 1

1

For commercial services, you would need to manually load the root CA certificate chain for that service: the same root CAs that come pre-loaded on web browsers. For self-signed internal services you would need to load your own root CA certificate chain. There is no "auto loading" of those root CAs into a wallet. The reason this works at apex.oracle.com is that someone at Oracle has already loaded those commercial root CAs into the common wallet. There may also be an option to trust the remote certificate without validation, which would negate the need for the root CAs, but is not a good idea for anything except test systems.

answered Jan 9, 2023 at 13:29

Your Answer

Draft saved
Draft discarded

Sign up or log in

Sign up using Google
Sign up using Email and Password

Post as a guest

Required, but never shown

Post as a guest

Required, but never shown

By clicking "Post Your Answer", you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.