In my previous blog post on Running ORDS Against the Autonomous Database - Part 2, we had looked at how to add an existing Let's Encrypt (LE) SSL certificate to an Oracle Cloud Infrastructure (OCI) Load Balancer. You'd typically wwant to host your websites or Oracle Application Express applications over a secure transport layer, especially when sensitive data is communicated between the browser and server.
Updated November 17, 2018 Please read this follow-up post as well. It contains an important note about intermediate certificates and where to download the root certificates.
One of the difficulties working with web services in the previous version of Oracle Database Express Edition (XE) was the lack of a usable Oracle Wallet. This was fast becoming a huge problems for developers, as many API providers started enforcing requirements to that clients accessed services through secured channels. When working with 11g XE, I often relied on proxies within a sandbox to mask the need for SSL/TLS. I discussed this somewhat at length in a previous blog post.
With the 18c release, Oracle has opened up and provided us developers the opportunities to make our apps safer. We now have access to the (orapki) tools needed to manage an Oracle Wallet. I don't do this a lot, so I keep a snippets of what I do to make this easy.
Earlier this year (2017), I had the privilege to share with the community, some of the work and experiences I gained helping to build some of the blocks that form the foundation of apex.world. In my presentations, I had shared some of the challenges I had integrating RESTful web services with Oracle Application Express (APEX). A crippling issue involved the use of Oracle Database Express Edition (Oracle XE) and communicating with web services over a secured protocol. The by-product of that experience led to the development of a simple Node.js application, which I named Suez.