UTL_HTTP from Oracle Autonomous Database

March 4, 2021

UTL_HTTP from Autonomous Database

The PL/SQL package UTL_HTTP in Oracle Autonomous Databases only allows HTTPS connections.

To call secure web services from the database it needs a wallet. The wallet must have the root and intermediate certificates for the remote site. If they are missing you will get the error:

ORA-29024: Certificate validation failure

But how do you fix that if your database is an autonomous database, like the ADW, or ATP? Turns out, you don’t have to. The wallet that is already set up for you contains about 90 of the most commonly trusted root and intermediate SSL certificates. The only thing you have to do is execute:

begin
   utl_http.set_wallet('');
end;
/

That is, no arguments needed. As before, you need to add the remote host to the ACL, like this:

begin
  DBMS_NETWORK_ACL_ADMIN.APPEND_HOST_ACE(
    host => 'github.com',
    ace => xs$ace_type(
        privilege_list => xs$name_list('connect','resolve'),
        principal_name => 'FULANO',
        principal_type => xs_acl.ptype_db));
  commit; 
end;
/

This also means that you cannot access sites with self-signed certificates. Which is nice, that is always messsy. If a certian site still give you the error, try to access it in a browser and check the certificate chain.