SSL/TLS requires an Oracle wallet with a SMTP server certificate
Get a STMP Server TLS Certificate and a Corresponding CA Certificate
echo QUIT | openssl s_client -connect smtp.fit.vutbr.cz:25 -starttls smtp 2>/dev/null | openssl x509 -text > smtp_tls.pem
wget -O root-ca.pem 'http://ca.vutbr.cz/pki/pub/cacert/cacert.pem'
Create Oracle Wallet with the Certificates
EWALLETDIR=/home/oracle
EWALLET=smtp_wallet.p12
PASS=1a2b3c4d
ORAPKI=$(ls /u01/app/oracle/product/*/*/bin/orapki | head -1)
# create a PKCS12 wallet with a user certificate
openssl pkcs12 -export -in "smtp_tls.pem" -out "${EWALLET}" -name "smtp_tls" -password "pass:${PASS}"
# add a trusted self-signed root certificate into the wallet
${ORAPKI} wallet add -wallet "${EWALLETDIR}" -pwd "${PASS}" -cert "root-ca" -trusted_cert
# enable auto-login by the wallet
${ORAPKI} wallet create -wallet "${EWALLETDIR}" -pwd "${PASS}" -auto_login
# display the wallet
${ORAPKI} wallet display -wallet "${EWALLETDIR}" -pwd "${PASS}" -complete
Use the Wallet in PL/SQL
declare
l_connection utl_smtp.connection;
begin
l_connection := utl_smtp.open_connection(
host => 'smtp.fit.vutbr.cz',
port => 25,
wallet_path => 'file:/home/oracle/smtp_wallet',
wallet_password => '1a2b3c4d',
secure_connection_before_smtp => false);
utl_smtp.ehlo(l_connection, 'smtp.fit.vutbr.cz');
utl_smtp.starttls(l_connection);
utl_smtp.auth(l_connection, 'username', 'userpassword');
end;