1 Reply Latest reply on Aug 20, 2019 4:31 PM by Venkata Thiruveedhi-Oracle

    ORA-29024 certificate validation failure

    1805907

      Old certficate was expired; After installing the new one we get always this error

      The wallet was rebuild.

      What do I have to do more?

      We have database standard edition 11.2.0.4

      We have no Wallet Manager

       

      E:\ocbs\certif>orapki wallet create -wallet C:\app\oracle\product\11.2.0\dbhome_1\wallet -pwd *** -auto_login

      Oracle PKI Tool : Version 11.2.0.4.0 - Production

      Copyright (c) 2004, 2017, Oracle and/or its affiliates. All rights reserved.

       

      E:\ocbs\certif>orapki wallet add -wallet C:\app\oracle\product\11.2.0\dbhome_1\wallet -trusted_cert -cert C:\app\oracle\product\11.2.0\dbhome_1\wallet\cert\DigiCertGlobalRootCA.cer -pwd ***

      Oracle PKI Tool : Version 11.2.0.4.0 - Production

      Copyright (c) 2004, 2017, Oracle and/or its affiliates. All rights reserved.

       

      E:\ocbs\certif>orapki wallet add -wallet C:\app\oracle\product\11.2.0\dbhome_1\wallet -trusted_cert -cert C:\app\oracle\product\11.2.0\dbhome_1\wallet\cert\DigiCertSHA2SecureServerCA.cer -pwd ***

      Oracle PKI Tool : Version 11.2.0.4.0 - Production

      Copyright (c) 2004, 2017, Oracle and/or its affiliates. All rights reserved.

       

      E:\ocbs\certif>orapki wallet add -wallet C:\app\oracle\product\11.2.0\dbhome_1\wallet -trusted_cert -cert C:\app\oracle\product\11.2.0\dbhome_1\wallet\cert\express.tnt.com.cer -pwd ***

      Oracle PKI Tool : Version 11.2.0.4.0 - Production

      Copyright (c) 2004, 2017, Oracle and/or its affiliates. All rights reserved.

       

      E:\ocbs\certif>orapki wallet display -wallet C:\app\oracle\product\11.2.0\dbhome_1\wallet -pwd ***

      Oracle PKI Tool : Version 11.2.0.4.0 - Production

      Copyright (c) 2004, 2017, Oracle and/or its affiliates. All rights reserved.

       

       

      Requested Certificates:

      User Certificates:

      Trusted Certificates:

      Subject:        OU=Class 1 Public Primary Certification Authority,O=VeriSign\, I

      nc.,C=US

      Subject:        OU=Secure Server Certification Authority,O=RSA Data Security\, I

      nc.,C=US

      Subject:        CN=DigiCert Global CA G2,O=DigiCert Inc,C=US

      Subject:        CN=GTE CyberTrust Global Root,OU=GTE CyberTrust Solutions\, Inc.

      ,O=GTE Corporation,C=US

      Subject:        OU=Class 3 Public Primary Certification Authority,O=VeriSign\, I

      nc.,C=US

      Subject:        OU=Class 2 Public Primary Certification Authority,O=VeriSign\, I

      nc.,C=US

      Subject:        CN=express.tnt.com,OU=TNT Express ICS,O=FedEx,L=Collierville,ST=

      Tennessee,C=US

      Subject:        CN=DigiCert Global Root G2,OU=www.digicert.com,O=DigiCert Inc,C=

      US

       

       

      -------------------------------------------------------------------------------------------------------------------------------------------------------

       

      testprocedure

      DECLARE

      ----------------

      -- Variabelen --

      ----------------

      l_request    utl_http.req;

      l_url      VARCHAR2(400);

       

      BEGIN

      UTL_HTTP.set_wallet('file:C:\app\oracle\product\11.2.0\dbhome_1\wallet', '***');

       

      l_url      := 'https://express.tnt.com/expresslabel/documentation/getlabel';

      l_request := utl_http.begin_request(l_url, 'POST','HTTP/1.1');

       

      end;The walle