ORA-24247: Network Access Denied by Access Control List (ACL) on Oracle Database 23ai

This error occurs if you’re trying to access a URL on Oracle23ai from within the database and don’t have the Network ACL defined to access the host. Oracle 23ai does not require you to define an Oracle wallet or add root certificates to access a HTTPS URL from within Oracle Database unlike 19c and 12c

But if you’re getting this error then create a ACL, assign ACL and add the privileges as below :

BEGIN
  DBMS_NETWORK_ACL_ADMIN.create_acl (
    acl          => 'test_acl_file.xml',
    description  => 'A test of the ACL functionality',
    principal    => 'ADMIN',                                 
    is_grant     => TRUE,
    privilege    => 'connect',
    start_date   => SYSTIMESTAMP,
    end_date     => NULL);
  COMMIT;
END;
/

 

BEGIN
  DBMS_NETWORK_ACL_ADMIN.assign_acl (
    acl         => 'test_acl_file.xml',
    host        => '*' ,               
    lower_port  => 443,
    upper_port  => 443);
end;
/

 

BEGIN
  DBMS_NETWORK_ACL_ADMIN.add_privilege (
    acl         => 'test_acl_file.xml',
    principal   => 'ADMIN',          
    is_grant    => TRUE,
    privilege   => 'resolve',
    position    => NULL,
    start_date  => SYSTIMESTAMP,
    end_date    => NULL); 
  COMMIT;
END;
/


select * from dba_network_acls;

select * from DBA_NETWORK_ACL_PRIVILEGES;



Once the above is added then you should be able to access the URL

 select utl_http.request('https://www.google.com') from dual;

Or from PL/SQL

declare
    l_url      varchar2(100) := 'https://www.google.com';
    l_req      utl_http.req;
    l_response utl_http.resp;
    l_buffer   varchar2(4000);
  begin
    l_req  := utl_http.begin_request(l_url);
    l_response := utl_http.get_response(l_req);
    begin
      loop
        utl_http.read_text(l_response, l_buffer, 4000);
        dbms_output.put_line (l_buffer); exit;
      end loop;
    exception
      when utl_http.end_of_body then
        utl_http.end_response(l_response);
    end;
  end;
  /

Category: Uncategorized

Tags:

Leave a Reply

Article by: Shadab Mohammad