问题
I'm making a POST request in PL/SQL, but I'm running into a Certificate validation failure error. If I run it outside of the database, in either cURL or Postman it works fine.
In the latter programs, I need to specify the client certificate, private key and CA certificate. In cURL I am using --cert, --key and --cacert.
When running in PL/SQL, I can only specify the wallet where these files are stored, but I don't seem to have an option of specifying which certificate and key I want to use, which I think is why I'm having issues?
declare
req utl_http.req;
res utl_http.resp;
url varchar2(4000) := 'https://server/';
buffer varchar2(4000);
begin
utl_http.set_wallet('file:wallet_path');
req := utl_http.begin_request(url,'POST');
utl_http.set_header(req,'header_name','header_text');
res := utl_http.get_response(req);
begin
loop
utl_http.read_line(res, buffer);
dbms_output.put_line(buffer);
end loop;
utl_http.end_response(res);
exception when utl_http.end_of_body then
utl_http.end_response(res);
end;
end;
/
回答1:
UTL_HTTP don't have such functionality (and probably has some bugs), but you can try to use Java Stored Procedures. It much more flexible, and I fixed "Certificate validation failure" error only this way.
There is an example of POST request function:
CREATE OR REPLACE JAVA SOURCE NAMED "example/HttpUtil" AS
import javax.net.ssl.*;
import java.io.*;
import java.net.HttpURLConnection;
import java.net.URL;
import java.security.cert.X509Certificate;
import java.sql.Blob;
public class HttpUtil {
public static boolean doRequest(String link, Blob requestBody, Blob[] responseBody, String[] message) {
String res = "Success";
boolean result = true;
try {
request(link,requestBody,responseBody);
} catch (Exception ex) {
StringWriter sw = new StringWriter();
PrintWriter pw = new PrintWriter(sw);
ex.printStackTrace(pw);
res = sw.toString();
result = false;
}
message[0] = res;
return result;
}
public static void request(String link, Blob requestBody, Blob[] responseBody) throws Exception {
URL url = new URL(link);
HttpURLConnection con = (HttpURLConnection) url.openConnection();
con.setDoOutput(true);
con.setRequestMethod("POST");
con.setRequestProperty("Proxy-Connection", "Keep-Alive");
con.setRequestProperty("Content-Type", "application/x-www-form-urlencoded; charset=utf-8");
con.setRequestProperty("Content-Length", String.valueOf(requestBody.length()));
DataOutputStream outputStream = new DataOutputStream(con.getOutputStream());
InputStream reqStream = requestBody.getBinaryStream();
byte[] buff = new byte[1024];
int len = 0;
while ((len = reqStream.read(buff)) != -1) {
outputStream.write(buff, 0, len);
}
int status = con.getResponseCode();
InputStream in;
if (status >= 400) {
in = con.getErrorStream();
} else {
in = con.getInputStream();
}
OutputStream out = responseBody[0].setBinaryStream(0);
byte[] buf = new byte[1024];
int n;
while (-1 != (n = in.read(buf))) {
out.write(buf, 0, n);
}
in.close();
con.disconnect();
out.flush();
}
}
/
ALTER JAVA SOURCE "example/HttpUtil" COMPILE;
CREATE OR REPLACE FUNCTION http_request (is_url IN VARCHAR2,
i_body IN BLOB,
io_resp IN OUT NOCOPY BLOB,
o_message OUT VARCHAR2)
RETURN BOOLEAN
AS LANGUAGE JAVA
NAME 'HttpUtil.doRequest(java.lang.String, java.sql.Blob, java.sql.Blob[], java.lang.String[]) return boolean';
来源:https://stackoverflow.com/questions/60113036/specify-certificate-and-key-in-oracle-wallet