topic Re: Connecting to Engine API - Certificate error in Integration, Extension & APIs

Connecting to Engine API - Certificate error

hermandup_anz — Mon, 18 Sep 2023 03:22:26 GMT

I am trying to connect to the Engine API from a .net application using certificate authentication, but I get back a "PartialChain" certificate error. I use the same certificate and password combination to connect to the Repository API which works perfectly. Why would I get the the partial chain error when it seems the certificate is valid?

URL: wss://{servername}:4747/app/
Certificate: {servername}.pfx
Request header: "X-Qlik-User", "UserDirectory=internal;UserId=sa_engine"
Error: "The SSL connection could not be established, see inner exception."
Error Inner Exception: "The remote certificate is invalid because of errors in the certificate chain: PartialChain"

Re: Connecting to Engine API - Certificate error

Øystein_Kolsrud — Mon, 18 Sep 2023 07:25:52 GMT

I don't think I've ever encountered that error before, but it certainly sounds like your certificate is not top notch. Are you sure you've not simply just disabled certificate validation in your REST calls?

I'm not really an expert on certificates, but I found this pretty long article describing the issue and possible ways to identify and fix such problems: https://support.cloudways.com/en/articles/5129639-how-to-fix-incomplete-certificate-chain-warning

Re: Connecting to Engine API - Certificate error

hermandup_anz — Thu, 21 Sep 2023 23:57:13 GMT

So i figured out that I needed a trusted certificate for the Central node installed in my certificate store and the issue had nothing to do with the certificate I attach for authentication when making the websocket connection. This was not the case for making a REST connection to the Repository API. Interesting.