TLDR: I'm trying to setup a Rest Enabled SQL Service (RESS) Reference between two internal servers with self-signed certificates
I have two internal servers as follows:
In SQL Workshop, on serverB, I've successfully run the following block, confirming that my wallet and credentials work, by alternately commenting each out.
declare
lclob clob;
BEGIN
apex_web_service.set_request_headers(
p_name_01 => 'Content-Type',
p_value_01 => 'application/sql' );
lclob :=
APEX_WEB_SERVICE.MAKE_REST_REQUEST (
p_url => 'https://serverA.com/ords/myschema/_/sql',
p_http_method => 'POST'
,p_body => 'select * from emp'
,p_wallet_path => 'file:///home/oracle/ords/https_wallet'
,p_credential_static_id => 'ress_creds'
);
dbms_output.put_line(lclob);
end;
Now, on serverB, I've created a Rest Enabled SQL reference with endpoint https://serverA.com/ords/myschema and the 'ress_creds' credential. However, when I click the test button, it fails with:
ORA-29024: Certificate validation failure
It seems that serverB does not know how to find the wallet I created, when performing REST requests, without it being specified. I've tried running
exec utl_http.set_wallet('file:/home/oracle/ords/https_wallet', null);
but that doesn't seem to work. (The wallet was created with auto_login, so the password isn't needed here, but I tried that variation anyway, in vain.)
Is there a way to set the wallet for ALL REST requests initiated by serverB? If not, how can I resolve this?
The wallet for REST Enabled SQL as well as for REST Data Sources is configured in the INTERNAL workspace. After logging in, navigate to Manage Instance, Instance Settings and then to the Wallet section. There you can configure the wallet path (don't forget the file:// prefix) and (optionally) the wallet password.
As an alternative, you can (as a DBA User), use the APEX_INSTANCE_ADMIN.SET_PARAMETER procedure.
begin
apex_instance_admin.set_parameter( 'WALLET_PATH', 'file:///home/oracle/ords/https_wallet');
commit;
end;