ORA-28857 Error When Add New Certified

Actually I working in a project to upgrade certificates to new versions, perfoming a test I received the next error stack;

ORA-29273: fallo de la solicitud HTTP
ORA-06512: en "SYS.UTL_HTTP", línea 1722
ORA-28857: Error SSL desconocido
ORA-06512: en línea 1

After of review doc I discovered that engine database version ( not support cerfiticates with SHA-2 algorithm because of this I have only two options, upgrade database to (minimal release support SHA-2) or continue using SHA-1.


ORA-24247 And ORA-29273 Errors

I have been reported the next stack error ;

ERROR en línea 1:
ORA-29273: fallo de la solicitud HTTP
ORA-24247: acceso de red denegado por la lista de control de acceso (ACL)
ORA-06512: en "SYS.UTL_HTTP", línea 1491
ORA-06512: en línea 1

The developer team send me the query that produces the error, it is the next;

set def off
select substr(UTL_HTTP.request('http://validate.sandbox.test2.es/services/sendmailing.phpmailingcode=M00241755&audienceid[CustomerID]=Email&fields[EMAILS]=xxxx@xxxxxxx.xx') ,1,4000) from dual;
set def on

In this case the problem is the acl privileges, the user executing the sentence hasn’t enough privileges, in this version ( it can be solve by grant connect permission like show below;

  DBMS_NETWORK_ACL_ADMIN.append_host_ace (                                       
    host       => 'validate.sandbox.test2.es',                         
    lower_port => 1,                                                             
    upper_port => 1500,                                                          
    ace        => xs$ace_type(privilege_list => xs$name_list('connect'),         
                              principal_name => 'USER_STEVEN',                         
                              principal_type => xs_acl.ptype_db));               


UTL_HTTP Without Using Certificate

Today I was checking a certeficate against a web service. I use the next query below for this kind of task but I get a problem with the certificate,
It give me a validation failure;

SQL> select utl_http.request ('https://clients.tecno.com', Null, 'file:/DB/PROD/UTIL/CERTIFICATES_TLS/','XXXXXX') from dual;
select utl_http.request ('https://clients.tecno.com', Null, 'file:/DB/PROD/UTIL/CERTIFICATES_TLS/','XXXXXX') from dual
ERROR at line 1:
ORA-29273: HTTP request failed
ORA-29024: Certificate validation failure
ORA-06512: at "SYS.UTL_HTTP", line 1491
ORA-06512: at line 1

I probed to remove the “s” from “https” string for testing only (As a silly test to see what happened), I never think it works with out “s” but yes it works fine without use certificate.
I don’t know if in this case Oracle read the certificate because of it don’t need.

SQL> select utl_http.request ('http://clients.tecno.com', Null, 'file:/DB/PROD/UTIL/CERTIFICATES_TLS/','XXXXXX') from dual;

<html><head><title>Error</title></head><body><head><title>Directory Listing Denied</title></head>
<body><h1>Directory Listing Denied</h1>This Virtual Directory does not allow contents to be listed.</body></body></html>


Error When Deploy Agent In EM12c Because Of Trash

Today I was deploying agents in several machines when one of them failed in remote validations. The error text is the next;

El directorio base de instalación “/agent12c” no está vacío.

Of course, it is in spanish. Translate to English would be similar to;

The base directory “/agente12c” is not empty.

I opened a ssh to the machine and take a look at /agente12c, it had a file, maybe created to validate permissions on this directory for the agent user. The solution so easy like remove the file;

mortadela-1:/agent12c$ ls -rlt
total 1
-rw-r--r--   1 agente12c  oinstall       0 Apr 10 09:42 dummy.txt
mortadela-1:/agent12c$ rm dummy.txt
mortadela-1:/agent12c$ ls -rlt
total 0
mortadela-1:/agent12c$ pwd

HTH – Antonio NAVARRO.

TNS-03505 Error

Today a coworker ask me about the next error;

ora12c@motaf-1:~$ tnsping cloud.buey.com

TNS Ping Utility for Solaris: Version - Production on 10-APR-2017 10:28:02

Copyright (c) 1997, 2014, Oracle.  All rights reserved.

Used parameter files:

TNS-03505: Failed to resolve name

In this case the problem was Oracle cann’t find the tnsnames.ora, it was moved to another path and TNS_ADMIN had not value. Set TNS_ADMIN enviroment variable solved the problem.