要求:Web Services – Version 10.1.3.0.0 或者更高Oracle数据库版本 10.2.0.1 或者更高概要
该文章主要介绍如何设置Oracle数据库的JVM,,使UTL_DBWS可以通过HTTPS / SSL调用Web Service。
方法步骤
Note:Please note that you will require to perform the following before generating the Web Service Client Proxy classes because to access the WSDL over HTTPS, you will need to have completed this configuration
Oracle Database 10.2.xcomes with JVM 1.4.2 which already contains JSSE. This spares us of adding any additional Java packages to be able to talk SSL to the Web Service.
However, to access a Web Service over SSL,UTL_DBWSwill first have to read the certificate from the Web Service’sCertificate Authority(CA). For this, the Database will have to import the CA certificate in it’scacertscertificate stores.
To achieve this, perform the following :
If you are using aCA that is not already trusted by the JVM (for example when you are using a test certificate, or you have your own CA), you need to add your CA’s root certificate to the keystore. The following command can be used to list the trusted certificates stored in the JVM’s keystore:
keytool-list-v-keystore$ORACLE_HOME/javavm/lib/security/cacerts-storepasschangeit
The above command shows the command to list the certificates in the Database JVM’s keystore. You might also want to see the certificates in the JRE/JDK used by Database utilities likeJPublisher- these are usually located in$ORACLE_HOME/jre/1.4.2/lib/security/cacerts(JRE) and/or$ORACLE_HOME/jdk/jre/lib/security/cacerts(JDK). Note that the default keystore password is "changeit".Get the CA’s Certificate file from the server hosting the Web Service.To add your CA’s certificate to the Database keystores, use the keytool with the -import option:
keytool-import-trustcacerts-aliasaliasname-file<pathtocertificatefile>-keystore$ORACLE_HOME/javavm/lib/security/cacerts-storepass<keystorepassword>
Also, add the certificate to JPublisher’s JRE and/or JDK keystores using the same command. The location ofcacertsfor these would be as explained in Step#1 above. You should see a confirmation message that the certificates have been successfully added to the keystores. (At this point, you might need to restart your database).Now you can proceed with generating your Web Service Client in the Database – seeNote:838892.1- FAQ : Oracle Database as a Web Services Clientfor further details on recommended ways to do this.
Note: Note that SSL Wallets are not supported by UTL_DBWS.
充满了恐惧的声音,一种不确定的归宿的流动。
