Hi,

you're talking about the wallet which needs to be configured to access HTTPS URLs, is that correct. That is being specified by administrators in the INTERNAL workspace, as the wallet is an instance-wide configuration. If it was configured in one workspace, that would impact all other workspaces.

Are you asking for “per-workspace” wallets, then?

regards

-Carsten

Yes, it is about maintaining SSL certificates for HTTPS URLs. Apex does not have an option to define a separate wallet path for Social sign-ins and Print/Report Server configuration, so developers have to create a certificate bundle for social sign-ins (Google,Microsoft,Facebook...etc) and report servers (Apex Office Print or FOP) and define the wallet path at apex instance level. It makes the wallet maintenance difficult as all APIs get impacted when updating a certificate in the bundle ( due to its expiry or new certificate). Hence, I created this request asking for new attributes (wallet path and password) for developers to provide separate paths while setting up the social sign authentication or Print Server configuration features so that developers can maintain separate wallets for every HTTPS URL if they would like. 

It needs changes to Apex internal APIs to pass the values of new wallet attributes (if they are defined) and override the instance level wallet in the APEX_WEB_SERVICE API while Social Sign in or Report Server URLs are invoked.

Hi,

I’m afraid, this is rather an enhancement request for the database than for APEX. All HTTP communication for APEX is done by the UTL_HTTP PL/SQL package, which is part of the core database, and not of APEX.

And UTL_HTTP only allows to configure wallets on the file system of the database server, so by nature it has to be  configured at the APEX instance level.

So this is an enhancement idea for the UTL_HTTP package. The Database team is collecting ideas here:

https://community.oracle.com/tech/apps-infra/categories/database-ideas-ideas

If that was the domain of APEX, I would start such a project as soon as possible - but unfortunately this is not in the area of the APEX team.

Best  regards

-Carsten

Hi,

Both APEX_WEB_SERVICE and UTL_HTTP APIs already have a parameter for wallet path and password to validate the SSL certificate.  All we need in APEX is adding two new attributes to store the wallet path and password along with the endpoint URL while setting up Social authentication scheme and Report server configuration, and getting the values from the new attributes ( if they are not blank) and passing them to APEX_WEB_SERVICE/UTL_HTTP API while APEX APIs are invoking the Social Sign-in /Report Server URLs. If the new attributes are blank, Apex can get the wallet values defined at the Apex instance and pass them to the APEX_WEB_SERVICE/UTL_HTTP API.    

     Per APEX_WEB_SERVICE API documentation, the P_WALLET_PATH parameter value overrides the wallet property values of the instance. In the same way, changes are to be made to the apex APIs calling Socials Sign-in and Report Server URLs to give the preference to the new wallet attributes defined at the Social sign-in authentication scheme and report server configuration over the instance level settings. Logically, Apex should get values using NVL(wallet path defined at Authentication scheme/report server configuration, wallet path defined at the instance) function while invoking external endpoint URLs using UTL_HTTP/APEX_WEB_SERVICE.

Thanks