Solved: If I'm recovering a Qlik Sense site to a machine w... - Qlik Community

qlikalex · ‎2023-12-26

If I'm recovering a Qlik Sense site to a machine with a different hostname, why do I need to recover the certificate before installing qlik?

Albert_Candelario · ‎2023-12-27

Hello @qlikalex,

Please review this link: Verify/Execute Backups - qs-admin-playbook (qlik-poc.com)

"Certificates

When Qlik Sense Enterprise was designed, security against eavesdropping was built in by using certificates which Qlik generates to encrypt all traffic between services. This communication is encrypted no matter if the communication is self-contained to a single server or distributed across multiple nodes in a cluster. These certificates likewise are used to encrypt sensitive data which is stored in PostgreSQL (e.g. passwords to data connections). Due to this, the original certificates in a Qlik site are key seamless recovery. Without the availabity of these certificates the site can be recovered but at a consequence of needing to re-enter passwords, re-distribute certificates to other members of the Qlik Sense cluster, as well as replacement of certificates used in integration points like Web Ticketing using the Qlik Proxy API, automation tasks using the Qlik Repository API, or visualization integrations using the Qlik Engine API."

Cheers,

Albert

Please, remember to mark the thread as solved once getting the correct answer

View solution in original post

qlikalex · ‎2023-12-26

Because I found out that the certificate was not restored after I installed it

qlikalex · ‎2023-12-26

And I don't know if it will have an impact on my subsequent restoration

Anil_Babu_Samineni · ‎2023-12-26

Is anyone said that you require certificate?

If not, try to redistribute all your consumer nodes again after your site restored to other host and generate new certificate, and one thing you have to make sure to avoid 400 or 500 error (Make sure, you have added new thumbprint certificate security key updated in QMC proxies).

Best Anil, When applicable please mark the correct/appropriate replies as "solution" (you can mark up to 3 "solutions". Please LIKE threads if the provided solution is helpful

Albert_Candelario · ‎2023-12-27

Hello @qlikalex,

Please review this link: Verify/Execute Backups - qs-admin-playbook (qlik-poc.com)

"Certificates

When Qlik Sense Enterprise was designed, security against eavesdropping was built in by using certificates which Qlik generates to encrypt all traffic between services. This communication is encrypted no matter if the communication is self-contained to a single server or distributed across multiple nodes in a cluster. These certificates likewise are used to encrypt sensitive data which is stored in PostgreSQL (e.g. passwords to data connections). Due to this, the original certificates in a Qlik site are key seamless recovery. Without the availabity of these certificates the site can be recovered but at a consequence of needing to re-enter passwords, re-distribute certificates to other members of the Qlik Sense cluster, as well as replacement of certificates used in integration points like Web Ticketing using the Qlik Proxy API, automation tasks using the Qlik Repository API, or visualization integrations using the Qlik Engine API."

Cheers,

Albert

Please, remember to mark the thread as solved once getting the correct answer

If I'm recovering a Qlik Sense site to a machine with a different hostname, why do I need to recover the certificate before installing qlik?

General Question