Home » SQL & PL/SQL » SQL & PL/SQL » ORA-29024: Certificate validation failure
ORA-29024: Certificate validation failure [message #197513] Wed, 11 October 2006 09:23 Go to next message
Duane
Messages: 581
Registered: December 2002
Senior Member
Any insight with this message? Missing a parameter or something?

The documentation talks about Certificate Validation with Certificate Revocation Lists. Is that something that needs to be setup or installed for me to us SSL with UTL_HTTP? I'm trying to use SSL with UTL_HTTP and I receive the ORA-29024 error.
Re: ORA-29024: Certificate validation failure [message #197618 is a reply to message #197513] Thu, 12 October 2006 01:33 Go to previous messageGo to next message
JRowbottom
Messages: 5933
Registered: June 2006
Location: Sunny North Yorkshire, ho...
Senior Member
To use SSL with UTL_HTTP you need to set up an Oracle Wallet to hold the Certificates. You then register this certificate using
utl_http.set_wallet('file:'||<wallet_path>, <wallet_pwd>);
Re: ORA-29024: Certificate validation failure [message #197746 is a reply to message #197618] Thu, 12 October 2006 09:04 Go to previous messageGo to next message
Duane
Messages: 581
Registered: December 2002
Senior Member
JRowbottom wrote on Thu, 12 October 2006 01:33

You then register this certificate using
utl_http.set_wallet('file:'||<wallet_path>, <wallet_pwd>);



I've got that statement in the procedure.
utl_http.set_wallet ('file:c:\wallet\', 'pass_word');
utl_http.set_detailed_excp_support (true);
sslreq := utl_http.Begin_request ('https://www.oracle.com',
                                    'POST',
                                    'HTTP/1.0');


Now, bear with me, I'm only the programmer and I didn't setup Oracle, create the wallet or install the certificates.

I do use the wallet in another package that uses DBMS_LDAP. As far as I know, this package runs just fine. I take it the code is using the wallet and is opening an SSL connection. Maybe it isn't? I sure hope it is because if we are not then we are sending userids/passwords in the clear.

dbms_ldap.use_exception := true;
	
mySession := dbms_ldap.init (ldapHost, ldapPort);
retval := dbms_ldap.open_ssl (mySession, 'file:c:\wallet\', 'pass_word', 2);
retval := dbms_ldap.simple_bind_s (mySession, 'umkc-users\'||user, pass);

Re: ORA-29024: Certificate validation failure [message #197752 is a reply to message #197746] Thu, 12 October 2006 09:32 Go to previous messageGo to next message
JRowbottom
Messages: 5933
Registered: June 2006
Location: Sunny North Yorkshire, ho...
Senior Member
I know nothing about dbms_ldap I@m afraid.

Is this thread any use ?
Re: ORA-29024: Certificate validation failure [message #197755 is a reply to message #197752] Thu, 12 October 2006 09:42 Go to previous messageGo to next message
Duane
Messages: 581
Registered: December 2002
Senior Member
Yea, that's my old post that you helped me out on. I'm not doing anything different from that post and getting LDAP via SSL to work. This should work.
Re: ORA-29024: Certificate validation failure [message #197885 is a reply to message #197755] Fri, 13 October 2006 01:54 Go to previous messageGo to next message
JRowbottom
Messages: 5933
Registered: June 2006
Location: Sunny North Yorkshire, ho...
Senior Member
Oh yes - so it is.
Sorrry.

I don't suppose any of this helps
Re: ORA-29024: Certificate validation failure [message #197961 is a reply to message #197885] Fri, 13 October 2006 08:55 Go to previous message
Duane
Messages: 581
Registered: December 2002
Senior Member
I read that entire section and even made some tnsnames (TCPS) changes per the SSL instructions. That just made it so no one could log on. That was fun. The DBA and server guys were not happy with me.
Previous Topic: Help Needed
Next Topic: reports using three tables
Goto Forum:
  


Current Time: Sun Dec 01 12:04:59 CST 2024