Discussions
Categories
- 197.1K All Categories
- 2.5K Data
- 546 Big Data Appliance
- 1.9K Data Science
- 450.7K Databases
- 221.9K General Database Discussions
- 3.8K Java and JavaScript in the Database
- 31 Multilingual Engine
- 552 MySQL Community Space
- 479 NoSQL Database
- 7.9K Oracle Database Express Edition (XE)
- 3.1K ORDS, SODA & JSON in the Database
- 555 SQLcl
- 4K SQL Developer Data Modeler
- 187.2K SQL & PL/SQL
- 21.3K SQL Developer
- 296.3K Development
- 17 Developer Projects
- 139 Programming Languages
- 293K Development Tools
- 110 DevOps
- 3.1K QA/Testing
- 646.1K Java
- 28 Java Learning Subscription
- 37K Database Connectivity
- 158 Java Community Process
- 105 Java 25
- 22.1K Java APIs
- 138.2K Java Development Tools
- 165.3K Java EE (Java Enterprise Edition)
- 19 Java Essentials
- 162 Java 8 Questions
- 86K Java Programming
- 81 Java Puzzle Ball
- 65.1K New To Java
- 1.7K Training / Learning / Certification
- 13.8K Java HotSpot Virtual Machine
- 94.3K Java SE
- 13.8K Java Security
- 205 Java User Groups
- 24 JavaScript - Nashorn
- Programs
- 466 LiveLabs
- 39 Workshops
- 10.2K Software
- 6.7K Berkeley DB Family
- 3.5K JHeadstart
- 5.7K Other Languages
- 2.3K Chinese
- 175 Deutsche Oracle Community
- 1.1K Español
- 1.9K Japanese
- 233 Portuguese
Accessing SMTP.GMAIL.COM from Apex
Hello
I'm trying to setup the outgoing mailing for Apex 22.1
As I read, there a could of steps to accomplish to get this done:
1.- Get the certificates in DER format.
DONE: Got the google.com smtp.google.com and smtp-relay.google.com
2.- Create a directory where to create the wallet
DONE: /opt/oracle/homes/OraDBHome21cXE/admin/XE/apex_wallet
3.- Create the wallet with orapki wallet create -wallet /opt/oracle/homes/OraDBHome21cXE/admin/XE/apex_wallet -pwd <SECURE_PASSWORD> -auto_login
DONE
4.- Add the certificates to the wallet with orapki wallet add -wallet /opt/oracle/homes/OraDBHome21cXE/admin/XE/apex_wallet -trusted_cert -cert "gmail.cer" -pwd <SECURE_PASSWORD>
DONE
5.- Modify the ACL to allow connections to smtp.google.com
DBMS_NETWORK_ACL_ADMIN.APPEND_HOST_ACE(
host => 'smtp.gmail.com',
lower_port => 587,
upper_port => 587,
ace => xs$ace_type(privilege_list => xs$name_list('connect'),
principal_name => 'APEX_220100',
principal_type => xs_acl.ptype_db));
dbms_network_acl_admin.append_wallet_ace(
wallet_path => 'file:/opt/oracle/homes/OraDBHome21cXE/admin/XE/apex_wallet',
ace => xs$ace_type(privilege_list => xs$name_list('use_client_certificates', 'use_passwords'),
principal_name => 'APEX_220100',
principal_type => xs_acl.ptype_db));
DONE
After all this I'm still having problems with the SMTP connection.
Checked the ACL with SELECT * FROM DBA_NETWORK_ACLS and it seems to be ok
I do verify the wallet with "orapki wallet display -wallet /opt/oracle/homes/OraDBHome21cXE/admin/XE/apex_wallet" and it seems to be ok
Requested Certificates:
User Certificates:
Trusted Certificates:
Subject: CN=smtp-relay.gmail.com
Subject: CN=smtp.gmail.com
Subject: CN=*.google.com
Also configured a mail client and checked that the account is open to external connection.
Any suggestion?
Best Answer
-
Finally, I successfully complete the configuration.
I delete all the certificates on the Wallet and instead of trying to get the certificate from smtp.gmail.com I get the certificate chain of mail.google.com and in this way the connection finally was successful.
Regards
Answers
-
Hello
After using OWM to generate a new wallet, and modify the instance parameter 'Use tls" to "After the connection is established" finally I have some improvement.
Now, if I try to send an email to smtp.gmail.com through port 587 I receive this error on the Mail Queue
Error sending mail.
ORA-06502: PL/SQL: numeric or value error: character to number conversion error
Checking the DBA_SCHEDULER_JOB_RUN_DETAILS view I'm getting the following error:
Additional info:
ORA-06502: PL/SQL: numeric or value error: character to number conversion error
ORA-06512: at "SYS.UTL_SMTP", line 110
ORA-06512: at "SYS.UTL_SMTP", line 235
ORA-06512: at "SYS.UTL_SMTP", line 215
ORA-06512: at "SYS.UTL_SMTP", line 630
ORA-06512: at "SYS.UTL_SMTP", line 641
ORA-06512: at "APEX_220100.WWV_FLOW_MAIL", line 163
ORA-06512: at "APEX_220100.WWV_FLOW_MAIL", line 1894
ORA-06512: at line 1
ERROR:
# APEX|WRN|Exception in "": %MAIL.push_queue_immediate:1881<-:1
# APEX| |Error Stack: ORA-29024: Certificate validation failure
# APEX| |ORA-06512: at "SYS.UTL_TCP", line 63
# APEX| |ORA-06512: at "SYS.UTL_TCP", line 314
# APEX| |ORA-06512: at "SYS.UTL_SMTP", line 290
# APEX| |ORA-06512: at "SYS.UTL_SMTP", line 296
# APEX| |ORA-06512: at "APEX_220100.WWV_FLOW_MAIL", line 1243
# APEX| |Backtrace: ORA-06512: at "SYS.UTL_TCP", line 63
# APEX| |ORA-06512: at "SYS.UTL_TCP", line 314
# APEX| |ORA-06512: at "SYS.UTL_SMTP", line 290
# APEX| |ORA-06512: at "SYS.UTL_SMTP", line 296
# APEX| |ORA-06512: at "APEX_220100.WWV_FLOW_MAIL", line 1243
# APEX| |ORA-06512: at "APEX_220100.WWV_FLOW_MAIL", line 1866
# APEX| |
I've downloaded again the certificate for smtp.gmail.com using
echo | openssl s_client -connect smtp.gmail.com:587 -starttls smtp | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > smtp.gmail.com.crt
but still getting the same certificate error.
Also included in the wallet all the certificates for the rest of the chain but that didn't fix the issue
Thanks
-
Finally, I successfully complete the configuration.
I delete all the certificates on the Wallet and instead of trying to get the certificate from smtp.gmail.com I get the certificate chain of mail.google.com and in this way the connection finally was successful.
Regards