ORA-28857 Error When Add New Certified

Actually I working in a project to upgrade certificates to new versions, perfoming a test I received the next error stack;

 
ORA-29273: fallo de la solicitud HTTP
ORA-06512: en "SYS.UTL_HTTP", línea 1722
ORA-28857: Error SSL desconocido
ORA-06512: en línea 1

After of review doc I discovered that engine database version (11.2.0.1) not support cerfiticates with SHA-2 algorithm because of this I have only two options, upgrade database to 11.2.0.3 (minimal release support SHA-2) or continue using SHA-1.

HTH – Antonio NAVARRO

ORA-24247 And ORA-29273 Errors

I have been reported the next stack error ;

ERROR en línea 1:
ORA-29273: fallo de la solicitud HTTP
ORA-24247: acceso de red denegado por la lista de control de acceso (ACL)
ORA-06512: en "SYS.UTL_HTTP", línea 1491
ORA-06512: en línea 1

The developer team send me the query that produces the error, it is the next;

set def off
select substr(UTL_HTTP.request('http://validate.sandbox.test2.es/services/sendmailing.phpmailingcode=M00241755&audienceid[CustomerID]=Email&fields[EMAILS]=xxxx@xxxxxxx.xx') ,1,4000) from dual;
set def on

In this case the problem is the acl privileges, the user executing the sentence hasn’t enough privileges, in this version (12.1.0.2) it can be solve by grant connect permission like show below;

 
BEGIN                                                                            
  DBMS_NETWORK_ACL_ADMIN.append_host_ace (                                       
    host       => 'validate.sandbox.test2.es',                         
    lower_port => 1,                                                             
    upper_port => 1500,                                                          
    ace        => xs$ace_type(privilege_list => xs$name_list('connect'),         
                              principal_name => 'USER_STEVEN',                         
                              principal_type => xs_acl.ptype_db));               
END;                                                                             
/                                                      

HTH – Antonio NAVARRO

UTL_HTTP Without Using Certificate

Today I was checking a certeficate against a web service. I use the next query below for this kind of task but I get a problem with the certificate,
It give me a validation failure;

 
SQL> select utl_http.request ('https://clients.tecno.com', Null, 'file:/DB/PROD/UTIL/CERTIFICATES_TLS/','XXXXXX') from dual;
select utl_http.request ('https://clients.tecno.com', Null, 'file:/DB/PROD/UTIL/CERTIFICATES_TLS/','XXXXXX') from dual
       *
ERROR at line 1:
ORA-29273: HTTP request failed
ORA-29024: Certificate validation failure
ORA-06512: at "SYS.UTL_HTTP", line 1491
ORA-06512: at line 1

I probed to remove the “s” from “https” string for testing only (As a silly test to see what happened), I never think it works with out “s” but yes it works fine without use certificate.
I don’t know if in this case Oracle read the certificate because of it don’t need.

 
SQL> select utl_http.request ('http://clients.tecno.com', Null, 'file:/DB/PROD/UTIL/CERTIFICATES_TLS/','XXXXXX') from dual;

UTL_HTTP.REQUEST('HTTP://clients.tecno.com',NULL,'FILE:/DB/PROD/UTIL/CERTIFICATES_TLS/','XXXXXX')
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
<html><head><title>Error</title></head><body><head><title>Directory Listing Denied</title></head>
<body><h1>Directory Listing Denied</h1>This Virtual Directory does not allow contents to be listed.</body></body></html>

HTH – Antonio NAVARRO

Error When Deploy Agent In EM12c Because Of Trash

Today I was deploying agents in several machines when one of them failed in remote validations. The error text is the next;

El directorio base de instalación “/agent12c” no está vacío.

Of course, it is in spanish. Translate to English would be similar to;

The base directory “/agente12c” is not empty.

I opened a ssh to the machine and take a look at /agente12c, it had a file, maybe created to validate permissions on this directory for the agent user. The solution so easy like remove the file;

 
mortadela-1:/agent12c$ ls -rlt
total 1
-rw-r--r--   1 agente12c  oinstall       0 Apr 10 09:42 dummy.txt
mortadela-1:/agent12c$ rm dummy.txt
mortadela-1:/agent12c$ ls -rlt
total 0
mortadela-1:/agent12c$ pwd
/agent12c

HTH – Antonio NAVARRO.

TNS-03505 Error

Today a coworker ask me about the next error;

       
ora12c@motaf-1:~$ tnsping cloud.buey.com

TNS Ping Utility for Solaris: Version 12.1.0.2.0 - Production on 10-APR-2017 10:28:02

Copyright (c) 1997, 2014, Oracle.  All rights reserved.

Used parameter files:

TNS-03505: Failed to resolve name

In this case the problem was Oracle cann’t find the tnsnames.ora, it was moved to another path and TNS_ADMIN had not value. Set TNS_ADMIN enviroment variable solved the problem.

HTH – Antonio NAVARRO