Wallet and dbms_crypto

Similar Messages

• Issues with utl_https, Oracle Wallet and firewall

  Hello Everyone,
  We are experimenting with Oracle wallet and utl_http and are attempting to do an https transfer, but we are facing some problems. I will appreciate your help greatly if you can advise on what could be wrong. We are on db version 10.2.0.1 and Unix HP-UX and are operating from within a firewall. The intention is to ping an https url and get a simple 200 response. Future development would include get/post XML documents from that url and other interesting stuff. I understand that utl_http with Oracle wallet can be used for this purpose.
  The wallet has been created and the ewallet.p12 exists. We downloaded the SSL certificate from the url's website and uploaded into the wallet. Everything works if I put in a url with plain http but then things don't work with an HTTP*S* url. Is something called HTTPS TUNNELLING required because we have a firewall? I have no idea what this is or how it can be done.
  I tried https with an internal urls within the firewall. But again, no luck. - So probably not just a firewall issue.
  With HTTPS when I run the below code I get the following error with internal or external https sites. Again, greatly appreciate your time and help because this is the first time we are using Oracle wallet manager and do not know where to go from here.
  ORA-29273: HTTP request failed
  ORA-06512: at "SYS.UTL_HTTP", line 1029
  ORA-29268: HTTP client error
  declare
  url varchar2(225);
  req utl_http.req;
  resp utl_http.resp;
  my_proxy BOOLEAN;
  name varchar2(2000);
  value varchar2(2000);
  V_proxy VARCHAR2(2000);
  v_n_proxy varchar2(2000);
  v_msg varchar2(100);
  v_len PLS_INTEGER := 1000;
  BEGIN
  -- Turn off checking of status code.
  utl_http.set_response_error_check(FALSE);
  --Set proxy server
  utl_http.set_proxy('my-proxy');
  utl_http.set_wallet('file:<full Unix path to the wallet on DB server>','wallet998');
  req := utl_http.begin_request('https://service.ariba.com/service/transaction/cxml.asp');
  --Set proxy authentication
  utl_http.set_authentication(req, 'myproxyid', 'myproxypswd','Basic',TRUE); -- Use HTTP Basic
  resp := utl_http.get_response(req);
  FOR i IN 1..utl_http.get_header_count(resp) LOOP
  utl_http.get_header(resp, i, name, value);
  dbms_output.put_line(name || ': ' || value);
  END LOOP;
  utl_http.end_response(resp);
  exception
  when others then
  dbms_output.put_line(sqlerrm);
  END;

  user11992646 wrote:
  Here we have something like "firewall rules". When we want internet users to access an external website without entering web proxy userid/pswd(the same I used for set_authentication), our web team establishes a rule or an exception like ...such and such website can be accessed without entering proxy userid/pswd information. A firewall does not use user authentication - in other words, when a web browser traffic goes via a firewall, the firewall will not ask the web browser for credentials and the web browser will not popup a username & password box.
  A firewall does not work at application protocol level. It works at physical wire level. IP addresses, subnets, ports, packet type and header content, and so on.
  A web proxy works at application protocol level. The web browser sends the http request to the web proxy. The web proxy may expect authentication - and request the web browser to supply it. In which case the web browser will popup the authentication box for you to enter a username and password.
  Thus if you are going via a plain firewall, it does not need any kind of username/password identification. It uses your IP address and other data about the packets your machine is sending, to determine what rules to apply.
  The remote web site can also expect authentication (and if the web proxy does too, you have 2 sets of credentials to supply). A firewall cannot supply these credentials (as it works on a network protocol level). A web proxy (working on application protocol level) can.
  When your network traffic (e.g. from UTL_HTTP) goes via a firewall, there is nothing special or specific you need to do. UTL_HTTP is an application protocol. The firewall deals with the lower level wire protocol.
  Otoh, if your http/https traffic goes via a proxy, you need to do specific steps in UTL_HTTP (like setting the proxy and supplying credentials if needed).
  So I'm not sure what you are saying above.. a firewall cannot supply web authentication details for web server access.
  Then I commented out set_proxy, set_authentication. I was still able to establish SSL handshake with https://ihavefirewallrule.com and retrieve data. Seems like "firewall rule" took care of proxy authentication also.
  Proxy authentication only applies when the proxy expects authentication. And as I mentioned, a firewall does use username authentication, and nor can supply authentication as an application protocol proxy.
  Now it gets even weirder. I even commented out the set_wallet part. It still worked! I was able to establish a SSL handshake with https://ihavefirewallrule.com e.g. https://verisign.com.
  In the same Oracle session? You'll need to check how wallet access is handled. I think that once opened in a session it stays open - thus subsequent code does not need to explicitly open the wallet again.
  In our test instance both Apache web server and DB server are on the same machine.
  Is somehow utl_http using our Apache server's SSL certificates to connect to https://ihavefirewallrule.com?
  Not possible. Oracle does not know anything of such an Apache installation at a s/w level. Nor will it borrow and use anything from such installed s/w.
  Would opening up 443/tcp port to firewall + proxy_authentication in the code resolve these issues? I think your comment in previous e-mail regarding port 80 and 443 hints at this.That depends on the s/w layers you have between UTL_HTPP and the remote web server - and I'm not clear whether you are using just a firewall, just a proxy, both, or a single piece of s/w that attempts to be both a wire protocol firewall and an application protocol proxy..
  The best would be to talk to the network administrator on your side. As you are accessing that remote site from an Oracle server using UTL_HTTP for production purposes, it means that "trusted" server access can be configured. In such a case, opening tcp ports 443 and 80 for the server's IP on the firewall should be considered. No web proxy used. The routing table of the Oracle server setup to ensure that traffic to external sites be routed via the firewall.
  Not an Oracle issue.. but simply one of network connectivity between the server platform running Oracle and the remote web sites that need to be accessed.

• How can I disable Jolly Wallet and Quickshare from websites?

  How can I remove QuickShare widget and Jolly Wallet from my computer. They pop up on every website I visit. If I click them off, as soon as I go to a new page, they're back again.

  You have quite a few extensions that sound as though they might be responsible for this. Try this:
  Disable ALL nonessential or unrecognized extensions on the Add-ons page. Either:
  * Ctrl+Shift+a
  * orange Firefox button (or Tools menu) > Add-ons
  In the left column, click Extensions. Then, if in doubt, disable.
  Usually a link will appear above at least one disabled extension to restart Firefox. You can complete your work on the tab and click one of the links as the last step. But hold off on restarting for a moment until checking this second issue:
  There is a user.js file in your settings folder. This file will override your settings when you next start Firefox. You may need to get rid of it. This article has the steps for that: [[How to fix preferences that won't save]].
  ''Note:'' if you do not see file extensions like .js, .zip, and others when viewing your Firefox settings files, Windows may be set to hide them from you. To work accurately with files, it would be better to show them. This article has the method: [http://support.microsoft.com/kb/865219].
  Any improvement?

• Oracle Wallet and XE

  I believe this topic has been discussed quite a bit in the past on this forum. Essentially I would like to be able to utilize utl_http to access an external website using https. Doing research on this, I've come to find out that:
  a. You need to use Oracle Wallet Manager to import trusted certificates from these sites.
  b. Oracle Wallet Manager is part of Oracle Advanced Security Module
  c. Oracle Advanced Security Module is only applicable to Enterprise Edition Database.
  d. The 'owm' binary does not come packaged with Oracle XE.
  In my search, I also came across the following in the official Oracle Database Licensing Information document (http://download-west.oracle.com/docs/cd/B19306_01/license.102/b14199/editions.htm)
  Oracle Wallet
  Oracle Wallet is a password-protected container used to store authentication and signing credentials, including passwords, private keys, certificates, trusted certificates, and TDE master keys. Oracle Wallet Manager is an application that wallet owners can use to manage and edit the security credentials in their Oracle wallets. Oracle Wallets can be deployed on clients, middle tiers, and database servers free of charge. However, the following features that use an Oracle Wallet in turn require licensing of the Oracle Advanced Security Option: PKI credentials and transparent data encryption master keys. Oracle Advanced Security option is not required when configuring wallets to secure communication between the Oracle Database and Oracle Internet Directory.
  Based on this description, my intended use of Oracle Wallet would not require the Oracle Advanced Security option as I just want to store certificates of those sites I'm accessing via https.
  Does this mean that I could fire up owm on another database server, create the file and then use it in my XE application? Or does it mean that because I'm running XE and because owm did not come with the distribution, I have no right to utilize the functionality?
  Thanks in advance for any input.

  The T in TDE stands for transparent, so your application shouldn't need to even be aware that any columns or tablespaces are encrypted. TDE is generally implemented in systems that were never designed to encrypt the data, so in theory it should be "perfectly safe" to develop unencrypted and have the client encrypt the columns during installation.
  Of course, when marketing folks start talking about things that are "perfectly safe", that's always a sign of danger ahead. Even though I've never heard of a case where encrypting a column caused a problem for an application, I would be very dubious of doing development in an environment different than production. That includes the exact version of the database (I assume the client has installed the latest patchsets, so they're running 10.2.0.4, for example) as well as the edition. If you decide to rely on the fact that everything should go smoothly when you promote to a different version of a different edition of the database with a different schema definition, even though it normally should, you're pretty much guaranteeing that you will end up with a problem that will be a pain to resolve.
  In your case, I wouldn't use XE for development. It would be much safer to develop against the personal edition. That isn't free, but that is the enterprise edition of the database licensed to be run on developer machines. It isn't free, but it's way less than an enterprise edition license.
  Justin

• How to create a Wallet and use  &  in organization name

  Im trying to create a wallet but my organizacion use & in his name and webcache not allow it
  Any help on this

  sorry the error is not a problem of webcache. The main problem was oracle wallet manager not suport special characters like &
  So oracle sugest use 11g wallet manager and then import on oracle wallet 10g
  Regards

• Wallet and Cert location with OHS in front of B2B

  Hi,
  I am trying to figure out how many and what types of Certs are needed as well as where the wallet should reside in the following scenario. We have a stand alone OHS in a public DMZ which is forwarding our inbound trading partner messages to the MidTier server which contains B2B. We have also configured B2B to use the public DMZ OHS as a proxy when sending outbound messages to the trading partners. The RosettaNet PIPs that we will be implementing require signing (non-repudiation), encryption and SSL.
  I assume that SSL must be enabled on the public DMZ OHS, but does it have to be enabled on the MidTier server as well? I believe that if we had to enable it on both servers, then different certs would be required for the different servers, but I am not sure.
  Also, we have to configure the outbound messages from our B2B with all of this (signing, encryption and SSL). Does this require a cert and wallet on the B2B server or on the OHS or both? I know that when configuring the trading partner within B2B, the cert must be accessed, but I am completely confused on if this is the cert that we use on OHS or something different.
  Thanks so much for any help you can provide!
  Darrin

  Hi Darrin,
  Certificates will be used at both OHS and Midtier. At OHS you are receiving incoming traffic so your server certificate should be there (in PKCS 12 format). From midtier, you are sending messages to your TP's (your Outbound), so your client certificate should be at Midtier at following location-
  Oracle_Home/Apache/Apache/conf/ssl.wlt/default
  At above location three files should be there-
  1. cwallet.sso
  2. ewallet.p12 (Your Client cert with all trading partners server cert public key in base 64 format including CA's cert as well)
  3 ewallet.txt (export of whole ewallet.p12 in ".txt" format)
  Give path of ewallet.txt in your tip.properties file.
  SSL would be enabled at both midtier and OHS, but if OHS is sending messages to midtier at HTTP port then do not enable transport security in your host tp's delivery channel.
  You have to upload certificates which will be used for siging and encryption at resepective tp's delivery channel.
  Wallets are used for client and server authentication and signing and encryption in outbound where as certs uploaded at tp's delivery channel are used for decrypting the incoming message as well as verifying the tp's signature in message.
  Regards,
  Anuj
  Edited by: Anuj Dwivedi on Feb 11, 2009 12:28 PM

• Wallets and Certificates

  Hi!
  I've set up the Forms/Reports standalone version of 10g Application Server (10.1.2.0.2). I've generated a csr for a certificate and sent it off to our organization's CA (Geotrust). I received my certificate and I would like to import it into the wallet that I've created. However, the documents that I have read refer to a root certificate and a user certificate. I only have one certificate. Can I just import it as a trusted certificate?

  No, you need the root certificate of the CA that signs the CSR.
  When you open the wallet manager you can see a short list of CA's that already exist. All others need to be imported. Usually your CA will provide you with its root certificate when you ask them.
  cu
  Andreas

• Differences between php sha1 and dbms_crypto sha1

  Hey Gang...
  Having a little trouble with this. If I call:
  dbms_crypto(rawtohex('password'),3)
  I get a very different result then when I call the php function:
  sha1("password")
  Anyone have any clues for me?
  Thanks in advance.

  I see the same values being generated with Oracle 11.2 and PHP:
  SQL> select dbms_crypto.hash(rawtohex('password'), 3) from dual;
  DBMS_CRYPTO.HASH(RAWTOHEX('PASSWORD'),3)
  5BAA61E4C9B93F3F0682250B6CF8331B7EE68FD8
  I get the same results with 5.1.6 and 5.2.15RC2-dev:
  $ php -r "echo sha1('password'), PHP_EOL;"
  5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8

• Printing my own photos!  Does anyone know what happened to the area on the left hand side of iPhoto when you went into printing your own photos?  I used to be able to create a page of wallets and print it from my own computer and now I can't find it.Help

  Does anyone know what happened to printing your own photos in iphoto?  There used to be a thing on the left hand side of iphoto that you used to create wallets, 5x7, etc.  Now there is nothing there.  Can anyone help me?  I dont want to order stuff, i want to pirint my own.

  what version of iPhoto?
  LN

• Database connectivity requiring oracle wallet, tnsnames.ora, and sqlnet.ora

  We have a new datasource that I need to write a report against.  In order to access the db, I have to install an Oracle wallet on my pc that contains a certificate.  I then have an entry in the sqlnet.ora file that references this wallet, and I have an entry in my tnsnames file.  I wrote a report successfully on my pc.  We then have our Business Objects installation on a Sun Solaris machine with Unix.  We installed the wallet, added the sqlnet.ora entry, and the tnsnames.ora entry.  I am able to connect to the db from the unix command prompt by typing sqlplus username@dbname successfully.  However, when I place my Crystal Report in Bus. Obj. I cannot get it to work.  I go to the CMC, select the report, choose Process, Database.  I am entering Use custom database logon info and choosing Oracle as my database driver.  I then enter the tnsnames entry into the server and enter my username and password and check the use use same database logon as when report is run.  I get the error The database logon information for this report is either incomplete or incorrect.  I'm guessing the report is not using the certificate in the wallet when it is trying to log on, but I'm not sure.  Does anyone have any suggestions or experience with this?  Thanks in advance for any help.

  Hi Angie,
  you should install the 32bit Oracle driver on your Solaris machine and adjust the LD_LIBRARY_PATH environment variable (in the profile of the BOBJ installation user) to point to the path of the 32bit libraries of your Oracle driver.
  BOBJ is not a native 64bit software and can therefore work only with the 32bit versions of the database drivers.
  Regards,
  Stratos
  Edited by: Efstratios Karaivazoglou on Jul 15, 2009 4:49 PM

• JCOP 3.1.1 and Wallet Demo

  Hi,
  I am working on a project with smart cards and JCOP 3.1.1. I am trying to run the Wallet sample demo and I am facing a wrong data error during the installation. Here are the APDU traces :
  cm> upload -d "D:\Eclipse\Eclipse31\workspace\wallet\bin\com\sun\javacard\samples\wallet\javacard\wallet.cap"
  Status: No Error
  Load report:
  2816 bytes loaded in 0.1 seconds
  effective code size on card:
  + package AID 6
  + applet AIDs 17
  + classes 23
  + methods 421
  + statics 0
  + exports 0
  overall 467 bytes
  cm> install -i 77616c6c65742e617070 -q C9#() 77616c6c6574 77616c6c65742e617070
  => 80 E6 0C 00 23 06 77 61 6C 6C 65 74 0A 77 61 6C ....#.wallet.wal
  6C 65 74 2E 61 70 70 0A 77 61 6C 6C 65 74 2E 61 let.app.wallet.a
  70 70 01 00 02 C9 00 00 00 pp.......
  (76596 msec)
  <= 6A 80 j.
  Status: Wrong data
  jcshell: Error code: 6a80 (Wrong data)
  jcshell: Wrong response APDU: 6A80
  Unexpected error; aborting execution
  As I use debugging, the code line that generates the error is :
  pin.update(bArray, bOffset, bLength);
  in the wallet() constructor :
  private Wallet (byte[] bArray,short bOffset,byte bLength){
  // It is good programming practice to allocate
  // all the memory that an applet needs during
  // its lifetime inside the constructor
  pin = new OwnerPIN(PIN_TRY_LIMIT, MAX_PIN_SIZE);
  // The installation parameters contain the PIN
  // initialization value
  pin.update(bArray, bOffset, bLength);
  register();
  } // end of the constructor
  public static void install(byte[] bArray, short bOffset, byte bLength){
  // create a Wallet applet instance
  new Wallet(bArray, bOffset, bLength);
  } // end of install method
  I've seen in a thread linked to Wallet and JCOP a tip :
  SInce JCOP is a GP card, the install() method gets the parameters in GP format. You cannot change that format. So you'll have to do something like this:
       private WalletApplet(byte[] bArray, short bOffset, byte bLength) {
            // skip instance AID
            bOffset += (short) (bArray[bOffset] + 1);
            // skip application privileges
            bOffset += (short) (bArray[bOffset] + 1);
            // set bLength
            bLength = (short) (bArray[bOffset++] & 0xff);
            // now bOffset and bLength are correct for install data
  but It didn't worked, I still have the error...
  I can't find out what I'm doing wrong.
  Thanks for helping.

  I have exactly the same problem. After 3.1 upgrade, 75-90% of all incoming calls going straight to VM, even when showing full bars and I'm sitting watching my phone. Outbound calls just "hang", with "calling".
  I finally turned off "3G" in settings (reverts to "E" network), and now calls are working again. Apparently 3.1 "broke" 3G connection to ATT network.
  Personally, I want a refund for my monthly service that includes 3G. We should all ask for refunds of our monthly service. Don't they even TEST this before the put the new code out there?

• Can i make use of same wallet for both Oracle Weblogic Server and OHS

  We have configured an setup where Oracle HTTP Server 11g is configured as proxy server which will loadbalance the request to the cluster managed server.
  We have created the wallet and configured SSL for Oracle Weblogic server. Now we want to configure SSL for OHS (Oracle HTTP Server ) .
  Can we make use of same wallet.
  For creating wallet i have used keytool utility and for certificate Microsoft CA.

  10/04/15 11:47:00 Start process
  /apps/weblogic/Oracle_11g/ohs/bin/apachectl startssl: execing httpd
  Syntax error on line 70 of /apps/weblogic/Oracle_11g/instances/instance1/config/OHS/ohs1/ssl.conf:
  Invalid command 'SSLCertificateFile', perhaps misspelled or defined by a module not included in the server configuration
  When i am using separate wallet and that too using oracle wallet manager it is working fine .. But with keytool utility it is not working...
  When used keytool it gave below error
  [2010-04-13T11:17:22.4873+04:00] [OHS] [ERROR:32] [OHS-2052] [mod_ssl.c] [host_id: dxb01-sol-intellectapp] [host_addr: 10.240
  .245.41] [pid: 22731] [tid: 1] [user: root] [VirtualHost: dxb01-sol-intellectapp:4443] server dxb01-sol-intellectapp:4443 ha
  s an invalid wallet: file:/export/home/weblogic/ohsssl :: 28759
  [2010-04-13T11:17:22.4874+04:00] [OHS] [ERROR:32] [OHS-2171] [mod_ssl.c] [host_id: dxb01-sol-intellectapp] [host_addr: 10.240
  .245.41] [pid: 22731] [tid: 1] [user: root] [VirtualHost: dxb01-sol-intellectapp:4443] NZ Library Error: Failed to open the
  wallet [Hint: incorrect path, incorrect password, bad wallet, ...]
  As per hint , the path was correct , wallet was perferct , no where i was passing the password. So thought of passing password for keytool and used SSLWalletPassword key , but later found that it is depricated ...
  That means we have to use oracle wallet manager where we can enable auto login ...
  Please Advice if i am wrong..

• RC4 Encryption with DBMS_CRYPTO - 10.1..0.3 database

  Since Oracle recommends to store encrypted value in RAW if using dbms_crypto AES 256/128bit encryption and we dont have the luxury of changing the datatype , We plan to use RC4 algorithm using dbms_crypto and store encrypted columns in char columns.
  Trying to see if anybody used RC4 encryption, pros/cons of storing encrypted values in char datatype. Any ideas appreciated.
  Thanks a lot.
  S~

  First, Transparent Data Encryption (TDE) requires that you upgrade to the enterprise edition of Oracle 10.2 and that you license the advanced security option.
  Assuming you've done that, though, TDE and DBMS_CRYPTO are very different approaches that solve very different problems. TDE encrypts data on the disk, but transparently decrypts it when anyone queries the table. So if I issue the query
  SELECT encrypted_column
    FROM table_nameTDE will transparently and automatically decrypt the data and show me the plain text. DBMS_CRYPTO will encrypt the data on disk as well as encrypting it when you do a SELECT, although proper key management tends to be the big killer-- it's very difficult to ensure that the key itself is kept secret, particularly if someone steals your backups. TDE solves this problem by storing the key in a separate wallet that is not part of the database.
  Justin

• Wallet - without SSO File

  Hello
  I'd create a oracle wallet and i can connect without a password to the database. But now I'd delete the sso-file because I'll open the wallet with the statment "alter system.....". But I can't connect now als sys or system user. (Connect / as sysdba). I get always the message: "TNS: Wallet open failed".
  What's wrong?
  Thanks....
  roger
  Edited by: Street on 13.04.2012 01:45

  Hi Roger,
  you moust change sqlnet.ora. Disable wallet lines.
  FJH
  Sorry I did not read exactly. Above reply is invalid.
  FJH
  Edited by: user8684352 on 17.04.2012 04:49

• Issues with using utl_http with Oracle Wallet

  Hello Everyone,
  We are experimenting with Oracle wallet and utl_http and are attempting to do an https transfer and we are facing some problems. I will appreciate your help greatly if you can advise on what could be wrong. We are on db version 10.2.0.1 and Unix HP-UX. The intention ping an https url and get a simple 200 response. Future development would include get/post XML documents from that url and other interesting stuff. I understand that utl_http with Oracle wallet can be used for this purpose.
  The wallet has been created and the ewallet.p12 exists. We downloaded the SSL certificate from the url's website and uploaded into the wallet.
  Everything works if I put in a url with plain http. However, it does not work with an HTTP*S* url.
  With HTTPS when I run the below code I get the following error. Again, greatly appreciate your time and help because this is the first time we are using Oracle wallet manager and do not know where to go from here.
  ORA-29273: HTTP request failed
  ORA-06512: at "SYS.UTL_HTTP", line 1029
  ORA-29268: HTTP client error
  declare
  url varchar2(225);
  req utl_http.req;
  resp utl_http.resp;
  my_proxy BOOLEAN;
  name varchar2(2000);
  value varchar2(2000);
  V_proxy VARCHAR2(2000);
  v_n_proxy varchar2(2000);
  v_msg varchar2(100);
  v_len PLS_INTEGER := 1000;
  BEGIN
  -- Turn off checking of status code.
  utl_http.set_response_error_check(FALSE);
  --Set proxy server
  utl_http.set_proxy('my-proxy');
  utl_http.set_wallet('file:<full Unix path to the wallet on DB server>','wallet998');
  req := utl_http.begin_request('https://service.ariba.com/service/transaction/cxml.asp');
  --Set proxy authentication
  utl_http.set_authentication(req, 'myproxyid', 'myproxypswd','Basic',TRUE); -- Use HTTP Basic
  resp := utl_http.get_response(req);
  FOR i IN 1..utl_http.get_header_count(resp) LOOP
  utl_http.get_header(resp, i, name, value);
  dbms_output.put_line(name || ': ' || value);
  END LOOP;
  utl_http.end_response(resp);
  exception
  when others then
  dbms_output.put_line(sqlerrm);
  END;

  I tried this using plsql ...
  declare
  SOAP_URL constant varchar2(1000) := 'http://125.21.166.27/cordys/com.eibus.web.soap.Gateway.wcp?organization=o=WIPRO,cn=cordys,o=itgi.co.in';
  request      UTL_HTTP.req;
  begin
  dbms_output.put_line('Begin Request');
  request := UTL_HTTP.begin_request(SOAP_URL,'POST',UTL_HTTP.HTTP_VERSION_1_1);
  dbms_output.put_line('After Request');
  exception
  when others then
     dbms_output.put_line('Error : '||sqlerrm);
  end;The output was ...
  Begin Request
  Error : ORA-29273: HTTP request failed
  ORA-06512: at "SYS.UTL_HTTP", line 1029
  ORA-12535: TNS:operation timed outIt seems to be an issue with the webservice, plz check if its available & allowing requests.