Skip to main content
Announcements
Join us at Qlik Connect for 3 magical days of learning, networking,and inspiration! REGISTER TODAY and save!
cancel
Showing results for 
Search instead for 
Did you mean: 
Anonymous
Not applicable

Upgrading from 2.2 to 3.2, error 403 on login using virtual proxy

This was never an issue with 2.2, which is why we've kept using it. We tried upgrading to 3.0 when it was released, ran into this problem and couldn't find a solution hence we decided to wait hoping there'd be a fix - however the situation's changed and we're now forced to upgrade hence we need to find answers - any help you can provide would be greatly appreciated & hopefully assist others who may run into the same problem.

If I login directly without a proxy its fine, the error only occurs when using the virtual proxy. The actual message is "Could not authenticate to Qlik Server. The remote server returned an error: (403) Forbidden."

Our proxy setup is as follows:-

virtual proxy setup.png

We're using Forms authentication as our existing setup for multiple external customers is forms-based; changing it to Windows auth really isn't an option.


We've tried removing/reinstalling the certificate, we've followed a bunch of suggestions from other threads on the forum here such as creating a new proxy, cleaning the database and re-running the installer in repair mode - all to no avail.


I'm sure there's other things we could check, but our google-fu hasn't proved strong enough yet to find them. Your suggestions would be most welcome, and if there's any more info about our setup which would be helpful please let me know - I'd be happy to provide any information which may help get to the bottom of this.

1 Solution

Accepted Solutions
popbear1
Partner - Contributor
Partner - Contributor

Hi Andrew

Not sure if this applies to your case, but we recently had the same issue and Qlik support checked our setup and determined that the calling server was using the server certificate rather than the client certificate (both certificates are exported as part of a set of 3 certificates from the QMC). Earlier versions of QlikSense (ours was version 2.2.4) accepted any of these certificates when communicating between servers using the API, but at some point the API required that you use the client certificate for API calls as part of a login setup.

Hope this helps

View solution in original post

3 Replies
Anonymous
Not applicable
Author

No-one has any thoughts on this? That's disappointing - its a massive roadblock for us which, if not resolved, may see us forced to switch to an alternate charting platform, and that's a scenario we'd much prefer to avoid.

popbear1
Partner - Contributor
Partner - Contributor

Hi Andrew

Not sure if this applies to your case, but we recently had the same issue and Qlik support checked our setup and determined that the calling server was using the server certificate rather than the client certificate (both certificates are exported as part of a set of 3 certificates from the QMC). Earlier versions of QlikSense (ours was version 2.2.4) accepted any of these certificates when communicating between servers using the API, but at some point the API required that you use the client certificate for API calls as part of a login setup.

Hope this helps

Anonymous
Not applicable
Author

Many thanks Steve - that has indeed solved the problem