I have always handled certificate with the oracle wallet component. Hope it helps, Jean Marie
Sent from my Orange HTC Touch Pro ________________________________ De: Parker Grimes <[email protected]> Env: mercredi 26 août 2009 06:17 À: [email protected] <[email protected]> Objet: [cas-user] CAS PL/SQL client and SSL certificate validation errors Hi all, This question isn't really an issue with CAS, but I am hoping someone out there has used the PL/SQL CAS client and can offer a suggestion to a problem we are having. We have been using the PL/SQL CAS client for two years now successfully. Our SSL certificate expires soon on our CAS server. After we install the new SSL certificate (from Verisign) on our CAS server, the PL/SQL CAS client fails with a certificate validation error. Specifically when it calls utl_http.request('https://ourcasserver.edu/cas/validate...... we get the following Oracle error: ORA-29273: HTTP request failed ORA-06512: at "SYS.UTL_HTTP", line 1577 ORA-29024: Certificate validation failure ORA-06512: at line 1 As soon as we put the old certificate back, it works just fine. I am thinking that perhaps there has been a new Intermediate or Root certificate from Verisign that isn't in place on our Oracle database server. Is there anyone out there knows where Oracle keeps those and how to update them? I am only familiar with how Java handles the root/intermediate CA certificates, in the cacerts file, but not sure if Oracle has something equivalent to a root cacerts file. Anybody know? Thanks, Parker -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
