Forum Stats

  • 3,851,525 Users
  • 2,263,993 Discussions
  • 7,904,765 Comments

Discussions

Using wallet generated with OPENSSL in Oracle XE

Luis Cabral
Luis Cabral Member Posts: 973
edited May 22, 2013 2:41PM in Database Security - General
Hi there,

I think this is related to oracle security in general rather than XE, that is why I am posting this here.

I am using Oracle XE 11g on Ubuntu 12.04.2 and I need to send emails from APEX using SSL.

As Oracle XE doesn't have a wallet manager, I manually created a wallet using openssl. All seems to have gone well but when I try to use utl_smtp using SSL I get the cryptic error message ORA-28788: user provided invalid information, or an unknown error.

See below the code I used to create the wallet and the utl_smpt call that is generating the error. Any ideas to fix this?

Thanks
Luis
* Generate wallet in linux shell using openssl *

openssl genrsa -out self.key 2048

openssl req -new -config /usr/lib/ssl/openssl.cnf -key self.key -out self.csr

openssl x509 -req -days 1450 -in self.csr -signkey self.key -out self.crt

cat self.key self.crt > self.pem

openssl pkcs12 -export -in self.pem -out  self.p12 -name self-test

cp self.p12 /u01/app/oracle/ewallet.p12
SQL> declare
  2      l_connection utl_smtp.connection;
  3  begin
  4      l_connection := utl_smtp.open_connection(
  5                          host => 'smtp.gmail.com',
  6                          port => 587,
  7                          wallet_path => 'file:/u01/app/oracle',
  8                          wallet_password => 'password01',
  9                          secure_connection_before_smtp => TRUE);
 10      utl_smtp.close_connection(l_connection);
 11  end;
 12  /
declare
    l_connection utl_smtp.connection;
begin
    l_connection := utl_smtp.open_connection(
                        host => 'smtp.gmail.com',
                        port => 587,
                        wallet_path => 'file:/u01/app/oracle',
                        wallet_password => 'password01',
                        secure_connection_before_smtp => TRUE);
    utl_smtp.close_connection(l_connection);
end;
ORA-28788: user provided invalid information, or an unknown error
ORA-06512: at "SYS.UTL_TCP", line 59
ORA-06512: at "SYS.UTL_TCP", line 284
ORA-06512: at "SYS.UTL_SMTP", line 174
ORA-06512: at "SYS.UTL_SMTP", line 197
ORA-06512: at line 4
Tagged:

Answers

  • user1832618
    user1832618 Member Posts: 1
    edited May 22, 2013 2:41PM
    Do you still wait for the answer
    here is a sample code how it is done.


    c := utl_smtp.open_connection(host => v_smtp_host,
    port => v_smtp_port ,
    wallet_path => 'file:c:\google',
    wallet_password => 'wallet_password,
    secure_connection_before_smtp => FALSE);


    utl_smtp.helo(c, v_smtp_host);
    utl_smtp.starttls(c);
    UTL_SMTP.AUTH( c => c, username => v_auth_login, password => v_auth_pass,schemes => 'PLAIN' );

    it is working for sure.

    I am using mail.gmail.com port 587 which supports STARTTLS.
    I believe you can use port 465 but then you have to set secure_connection_before_smtp => TRUE and remove the utl_smtp.starttls(c) line, but I didn't test that.

    Edited by: user1832618 on May 22, 2013 11:28 AM
This discussion has been closed.