HTTP API give 400 ERROR

Hi I’m new here but have been trying to use the API from Oracle 12.1 and there we don’t have TLS 1.3 so therefore I must use HTTP instead of HTTPS.
It has been working fine until today when I get a response like this one.
The call is for
http://www.trade-tariff.service.gov.uk/api/v2/sections/1
Is this a temporary problem or am I doing something wrong?

// Bo-Göran

– Response –

ERROR: The request could not be satisfied

400 ERROR

The request could not be satisfied.


Bad request. We can't connect to the server for this app or website at this time. There might be too much traffic or a configuration error. Try again later, or contact the app or website owner.
If you provide content to customers through CloudFront, you can find steps to troubleshoot and help prevent this error by reviewing the CloudFront documentation.

Generated by cloudfront (CloudFront)
Request ID: i4Y-mh9xGT5lobS3GwPXLOBqg4Ur4Bx7NBeYXfnPA5srE1VswnxJPQ==

Hi @bluttren

I was not even aware the API worked over HTTP, I would not recommend that and in fact, it may need to disabled.

Does Oracle support TLS 1.2? We could look to allowing that protocol if we have a valid use-case.

Regarding the 400 error, that looks odd, it seems to be a temporary CloudFront issue which we use as our CDN, which we will investigate further.

Thanks,
Matt

I see we do allow http, although this is because we are hosting the CDN ourselves (Bit Zesty) and have a custom rule in place. Soon (in the coming weeks) the CDN will be moved into the GOV.UK PaaS account and I’m not sure if they would allow this configuration so please do not rely on using http.

Looking at the TLS settings, it should allow TLS 1.2, is this an issue you could raise with Oracle?

Thank you Matt for the quick answer.
Sorry to here that the HTTP isn’t to be used.
The problem I have is that we won’t be able to update the database until late next year long after Brexit.
And No oracle 12.1 can’t support TLS 1.2 or 1.3, maybe 1.1 if I have been reading correct.
After DB update we will be on Oracle 18 so then I think it will work with https too.
Another problem I see is that some HS codes get a redirect to prod London like this one
https://tariff-frontend-production.london.cloudapps.digital/api/v2/headings/0409
Is there more sites I need to open in my firewall or is is just these 2 ?
“https:\api.trade-tariff.service.gov.uk
“https:\tariff-frontend-production.london.cloudapps.digital”

Hi @bluttren,

Interesting, the redirect should include the full base URL

https://www.trade-tariff.service.gov.uk/api/v2/

The site you linked will not work shortly - so do not use it, we will ensure that redirects include the correct base URL.

TLS 1.1 is supported but I’m not sure how long that will be given it’s age.