How to Get Secure Web Services (SSL/HTTPS) and Oracle APEX Working

Learn How to Call Secure Web Services (SSL/HTTPS) from Oracle APEX applications!

More and more APEX developers need to call (consume) web services from their applications.  What environment changes are required to support a secure web service call?

In this four-part tutorial Oracle Certified Master DBA John Watson, SkillBuilders Director of Oracle Database Services, will demonstrate how to configure the Oracle Database environment to allow external connections and recognize and accept vetted digital certificates.

This free training is segmented into several separate lessons:

  1. Introduction / Agenda (1:00)
    (click to read the Transcript)
    John describes what we are trying to achieve and provides an overview of the steps required.
  2. Demonstration – Create an Access Control List (1:08)
    To allow APEX (i.e. Oracle Database) to make an external call, someone (typically the DBA) must create an ACL with dbms_network_acl_admin.append_host_ace.
  3. Demonstration – Using the orapki Utility to Add Digital Certificates (3:57)
    The orapki utility must be used In order for the Oracle Database to recognize and accept the digital certificates from your desired web services. John demonstrates how in this lesson.
  4. Demonstration – Test the Secure Web Services Call (1:41) (click on video below)
    John demonstrates how he tests the web services call over SSL / HTTPS.

Date: Sep 6, 2016

NOTE: Some corporate firewalls will not allow videos hosted by YouTube.

Free Online Registration Required

The tutorial session you want to view requires your registering with us.

It’s fast and easy, and totally FREE.

And best of all, once you are registered, you’ll also have access to all the other 100’s of FREE Video Tutorials we offer!



Demonstration – Test the Secure Web Services Call

>> John:  So now let’s see if it is actually working. I’ll log on as the user, jw, for whom I created the access control list, enable server output, and run a simple block of code that will attempt to make an outgoing secure sockets call.




First, UTL_HTTP.SET_WALLET. I’m telling the session where the wallet is, c:\tmp\wallet and the password to open it. Then begin a request. The request, check response code.




Back comes response code 200. It’s working. So that’s what you have to do. Create an access control list that will give your nominated schemas access to the nominated website, then obtain the trusted certificate issuers for that website, load them into a wallet, and then your users, your APEX developers can make use of web services there, no problem. However, should you have difficulties making this work and, believe me, it can be pretty tricky. There are several levels at which the calls can fail, we will be only too happy to assist you with working through them.


Copyright 2017