Skip to main content

Qlik

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements
Join us at Qlik Connect for 3 magical days of learning, networking,and inspiration! REGISTER TODAY and save!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
gustavgager
Partner - Creator II
Partner - Creator II
‎2017-04-11 09:05 AM

QlikSense login from local server using DNS redirect (SSL-cert)

Hi.

I have seen this issue on two diffrent customers now and i was hoping that someone could help me identify the problem.

In both cases I have a server that works fine using the internal name and localhost. However theese customers dont want to use the self-signed cert so i got a working SSL cert that basicly works for all subdomains of a specific name. Like this "*.customername.se". To get this working you need to add a DNS-record to get a URL that will work with the cert (ex: https://qliksense.customername.se). This works fine and everythin, except when you are on the local server. If i use the servername (that worked befor with the self-signed cert) i get a cert-error (fine). However if i try to use https://qliksense.customername.se i get the Windows Authentication screen and it asks me to add a usename and password, but it wont take my credentials. If i use the servername and localhost, it works fine. If i connect from another server, it also works.

The problem here is that i have an application running locally on the server and it wornt connect to the QRS-API unless the certificate is valid. Witch means that i need to use the https://qliksense.customer.se name. But that way i cannot authenticate from the server.

Anyone seen this? Or anyone have any ideas?

3,183 Views
4 Replies
davidganly
Partner - Contributor III
Partner - Contributor III
‎2017-04-11 02:35 PM

do you have something in your host file on the server to resolve the domain name back to the localhost.  I suspect it still won't work but just checking.

2,682 Views
0 Likes
gustavgager
Partner - Creator II
Partner - Creator II
‎2017-04-12 02:11 AM
Author

In response to davidganly

No there is nothing in the host file. And as long as the DNS point to the local IP adress, it shouldnt matter. Also, i have this issue on two diffrent customers.

2,682 Views
0 Likes
peter_turner
Partner - Specialist
Partner - Specialist
‎2017-11-10 08:42 AM

These sounds very much like somthing we've seen, and is a windows security 'feature'

You can work around this by the simple regedit from the server as documented in this URL (BryansGeekSpeak: Debugging Windows Server 2008R2 Event ID 6037 - "The target name used is not valid"), and given below for reference.

  1. Go to REGEDIT > HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0
  2. Right click MSV1_0 > New > Multi-String Value
  3. Type 'BackConnectionHostNames'
  4. Right click & select ‘Modify’
  5. Enter the Hostname of the site: WEBSITENAME (and on a new line enter the FQDN, WEBSITENAME.domain.com as well)
  6. Restart the QlikSense Proxy
  7. Done!
2,682 Views
vinicius_rosa
Partner - Contributor III
Partner - Contributor III
‎2019-01-22 06:51 AM

In response to peter_turner

Thank you for sharing. Works like a charm!

2,630 Views
0 Likes