问题描述
从Oracle数据库11g迁移到12.2.0.1时遇到ORA-24263。使用UTL_HTTP通过HTTPS访问站点时会引发此错误,并且该站点是多服务器域 (在当今基于云的世界中很常见)。
我不再有问题,而是有答案。答案很难找到,我仍然无法在互联网上找到任何其他参考。
调用UTL_HTTP.BEGIN_REQUEST时需要一个额外的参数。您必须将域的http_host指定为begin_request过程的参数。
例如: v_req := utl_http.begin_request( url =>'https://api.example.com?id=12345',Http_host => 'example.com' );
据我所知,http_host参数是100% 必要的,100% 没有记录,很难找到。
希望AskTom可以解决此问题和解决方案。
我不再有问题,而是有答案。答案很难找到,我仍然无法在互联网上找到任何其他参考。
调用UTL_HTTP.BEGIN_REQUEST时需要一个额外的参数。您必须将域的http_host指定为begin_request过程的参数。
例如: v_req := utl_http.begin_request( url =>'https://api.example.com?id=12345',Http_host => 'example.com' );
据我所知,http_host参数是100% 必要的,100% 没有记录,很难找到。
希望AskTom可以解决此问题和解决方案。
专家解答
为自己解决这个问题的工作不错。但我不知道你在看哪里。对我来说,http_host看起来100% 记录:
https_host
The host name to be matched against the common name (CN) of the remote server's certificate for an HTTPS request. It can also be a domain name like *.example.com. If NULL, the host name in the given URL will be used.
http://docs.oracle.com/database/122/ARPLS/UTL_HTTP.htm#GUID-BBD953E8-CA2B-4D2F-B4E8-125A0C27CCDC
MOS note 2275666.1讨论了这个确切的误差和参数:
When making a secured connection or request, UTL_TCP, UTL_SMTP and UTL_HTTP now verify the digital certificate of the remote server and will raise the following error if the server address in the common name (CN) attribute of the certificate does not match the requested connection or URL.
ORA-24263: Certificate of the remote server does not match the target address.
In case when the address in the certificate is expected to be different (for example, when accessing the server by IP address), the caller can provide the expected address or domain name to match via an additional parameter when making the connection or request.
SOLUTION
As of Oracle 12.2 the procedures of the utl_http package used to access remote webservices have a new parameter called https_host. One has to use this new parameter to avoid the error:
https_host
The host name to be matched against the common name (CN) of the remote server's certificate for an HTTPS request. It can also be a domain name like *.example.com. If NULL, the host name in the given URL will be used.
http://docs.oracle.com/database/122/ARPLS/UTL_HTTP.htm#GUID-BBD953E8-CA2B-4D2F-B4E8-125A0C27CCDC
MOS note 2275666.1讨论了这个确切的误差和参数:
When making a secured connection or request, UTL_TCP, UTL_SMTP and UTL_HTTP now verify the digital certificate of the remote server and will raise the following error if the server address in the common name (CN) attribute of the certificate does not match the requested connection or URL.
ORA-24263: Certificate of the remote server does not match the target address.
In case when the address in the certificate is expected to be different (for example, when accessing the server by IP address), the caller can provide the expected address or domain name to match via an additional parameter when making the connection or request.
SOLUTION
As of Oracle 12.2 the procedures of the utl_http package used to access remote webservices have a new parameter called https_host. One has to use this new parameter to avoid the error:
「喜欢这篇文章,您的关注和赞赏是给作者最好的鼓励」
关注作者
【版权声明】本文为墨天轮用户原创内容,转载时必须标注文章的来源(墨天轮),文章链接,文章作者等基本信息,否则作者和墨天轮有权追究责任。如果您发现墨天轮中有涉嫌抄袭或者侵权的内容,欢迎发送邮件至:contact@modb.pro进行举报,并提供相关证据,一经查实,墨天轮将立刻删除相关内容。
