PL/SQL Packages

Notes for Oracle Database PL/SQL packages in Autonomous Database.

Unavailable PL/SQL Packages

  • DBMS_DEBUG_JDWP

  • DBMS_DEBUG_JDWP_CUSTOM

  • UTL_INADDR

PL/SQL Packages Notes

  • DBMS_LDAP

    • Specifying an IP address in the host name is not allowed.

    • The only allowed port is 636.

    • The SSLWRL and SSLWALLETPASSWD arguments to the OPEN_SSL procedure are ignored. The default value for the SSLWRL property is set to the wallet that is used by UTL_HTTP and DBMS_CLOUD for making outbound web requests on Autonomous Database.

    • DBMS_LDAP usage is audited by default. You cannot disable auditing for DBMS_LDAP.

    • The LDAP servers must be accessible from Autonomous Database through the public internet and the port 636 of the LDAP servers must be open to Autonomous Database in Oracle Cloud Infrastructure, so that Autonomous Database can have secured LDAP access over TLS/SSL to the LDAP servers through the internet.

    • SSL/TLS is enforced for all communication happening between LDAP server and Autonomous Database.

    • When your Autonomous Database instance is configured with a private endpoint, set the ROUTE_OUTBOUND_CONNECTIONS database parameter to 'PRIVATE_ENDPOINT' to specify that all outgoing LDAP connections are subject to the Autonomous Database instance private endpoint VCN's egress rules. See Enhanced Security for Outbound Connections with Private Endpoints for more information.

  • UTL_HTTP

    • Connections through IP addresses are not allowed.

    • Only HTTPS connections are allowed (HTTP and HTTP_PROXY are disallowed).

    • All web services must be secured. The only allowed port is 443.

      Your instance is preconfigured with an Oracle Wallet that contains more than 90 of the most commonly trusted root and intermediate SSL certificates. This Oracle Wallet is centrally managed and therefore you cannot consume 3rd party web services that are protected using self-signed SSL certificates.

    • The SET_PROXY and SET_AUTHENTICATION_FROM_WALLET procedures are disallowed.

    • The WALLET_PATH and WALLET_PASSWORD arguments for the CREATE_REQUEST_CONTEXT, REQUEST, and REQUEST_PIECES procedures are ignored.

    • Oracle Wallet configuration cannot be altered. All arguments for SET_WALLET procedure are ignored.

    • UTL_HTTP usage is audited by default. You cannot disable auditing for UTL_HTTP.

    • When your Autonomous Database instance is configured with a private endpoint, set the ROUTE_OUTBOUND_CONNECTIONS database parameter to 'PRIVATE_ENDPOINT' to specify that all outgoing UTL_HTTP connections are subject to the Autonomous Database instance private endpoint VCN's egress rules. See Enhanced Security for Outbound Connections with Private Endpoints for more information.

  • UTL_SMTP

    • The only supported email provider is Oracle Cloud Infrastructure Email Delivery service. See Overview of the Email Delivery Service for more information.

    • Mail with an IP address in the host name is not allowed.

    • The only allowed ports are 25 and 587.

    • UTL_SMTP usage is audited by default. You cannot disable auditing for UTL_SMTP.

    • When your Autonomous Database instance is configured with a private endpoint, set the ROUTE_OUTBOUND_CONNECTIONS database parameter to 'PRIVATE_ENDPOINT' to specify that all outgoing UTL_SMTP connections are subject to the Autonomous Database instance private endpoint VCN's egress rules. See Enhanced Security for Outbound Connections with Private Endpoints for more information.

  • UTL_TCP

    • The IP address is not allowed in the host name.

    • The only allowed ports are: 443 (HTTP) 25 and 587 (SMTP).

    • For port 443, only HTTPS URLs are allowed.

    • The WALLET_PATH and WALLET_PASSWORD arguments for the OPEN_CONNECTION procedure are ignored. The default value for the WALLET_PATH and WALLET_PASSWORD property are set to the wallet that is used by UTL_HTTP and DBMS_CLOUD for making outbound web requests on Autonomous Database.

    • UTL_TCP usage is audited by default. You cannot disable auditing for UTL_TCP.

    • SSL/TLS is enforced for all communication happening over TCP/IP connections.

    • When your Autonomous Database instance is configured with a private endpoint, set the ROUTE_OUTBOUND_CONNECTIONS database parameter to 'PRIVATE_ENDPOINT' to specify that all outgoing UTL_TCP connections are subject to the Autonomous Database instance private endpoint VCN's egress rules. See Enhanced Security for Outbound Connections with Private Endpoints for more information.

  • DBMS_NETWORK_ACL_ADMIN

    • Granting ACL privileges on IP addresses is not allowed.

    • The http_proxy and use_passwords ACL privileges are not allowed.

  • UTL_HTTP Errors

    The following table shows error messages and possible causes for these error messages when using UTL_HTTP:

    Error Message Potential Cause

    ORA-12545: Connect failed because target host or object does not exist

    Target host or object does not exist or it is private.

    ORA-24247: network access denied by access control list (ACL)

    Access control list (ACL) for the specified host could not be found.

    ORA-29024: Certificate validation failure

    Certificate of the host does not exist or is not among the supported certificates.

See UTL_HTTP, DBMS_LDAP, UTL_SMTP, UTL_TCP, and DBMS_NETWORK_ACL_ADMIN in PL/SQL Packages and Types Reference for more information.