Oracle 21c connection

[har3653]

Hi in database 21c on cloud there are some restricions on PL SQl packages. One of them is UTL_HTTP package, actualy some of them are :

PL/SQL Packages Restrictions:

UTL_HTTP Restrictions:

• Connections through IP addresses are not allowed.

• Only HTTPS connections are allowed (HTTP and HTTP_PROXY are disallowed).

• All web services must be secured. The only allowed ports are 443 and 8443. Your instance is preconfigured with an Oracle Wallet that contains more than 90 of the most commonly trusted root and intermediate SSL certificates. This Oracle Wallet is centrally managed and therefore you cannot consume 3rd party web services that are protected using self-signed SSL certificates.

• The SET_AUTHENTICATION_FROM_WALLET procedure is disallowed.

• The WALLET_PATH and WALLET_PASSWORD arguments for the CREATE_REQUEST_CONTEXT, REQUEST, and REQUEST_PIECES APIs are ignored.

• Oracle Wallet configuration cannot be altered. All arguments for SET_WALLET API are ignored.

• UTL_HTTP usage is audited by default. You cannot disable auditing for UTL_HTTP.

So, if i understand it corectly, if we want to use jaspereportsintegration it has to be on some domain with trusted ssl certificate and go through wallet procedure from documentation.

[daust]

Hi @har3653,

are you talking about an environment that is hosted by Oracle?

So, if i understand it correctly, if we want to use jaspereportsintegration it has to be on some domain with trusted ssl certificate and go through wallet procedure from documentation.

Yes, this is my understanding as well. The wallet containing these 90 commonly trusted root and intermediate SSL certificates is enabled automatically and thus you shouldn't have to do anything special I believe. Any trusted domain should work fine.

Cheers ~Dietmar.

[har3653]

Hi, yes i talk about Oracle cloud environment. I read in documentation that they have some private DNS in VCN options and it is posible to convert existing virtual machine from public network to private by cloning it and then in cloning process to change network settings. But it is not posible in always free version. That option is turned off.
https://blogs.oracle.com/cloud-infrastructure/getting-up-to-speed-on-using-private-endpoints-for-autonomous-database-with-shared-exadata-infrastructure

[daust]

Could you at least give it a try to reach it?

Here is a sample on how to call the URL using utl_http: https://oracle-base.com/articles/misc/utl_http-and-ssl

I guess you could try to use show_html_from_url() to call the JRI homepage https://server:port/jri/ from within your database.

Perhaps Oracle can see / validate the internal infrastructure, who knows, would make sense.

[har3653]

I will try, actualy every VM instance have public IP so i used my subdomain on other hosting to bind this ip for it. If i use UTL_HTTP it will not work becouse i use self signed certificate. Doesnt make sense to me to pay for domain + ssl certificate to use always free database and VM. They cant validate VM even it is on same infrastructure. Maybe they fix it in the future. Im talking about always free version. But i will try show_html_from_url()

[har3653]

I can confirm that it is posible to conect on letsencrypt signed server but only with default https port. So link would be https://server/jri. I spend some time researching and wallet is mandatory but without any parameters becouse it is already configured. I will test more today

[har3653]

I reached all ssl links to my jasperreportsintegration through autonomus database so i will close the issue. It worked with 2.7 version and earlier versions.