Skip to main content

Qlik

cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
Announcements
Qlik Launches Open Lakehouse and advanced agentic AI experience in Qlik Answers! | LEARN MORE
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
mattdetwiler
Contributor III
‎2024-02-26 12:53 PM

Issue creating SSL cert for web connectors

We recently migrated to Nov 2023 version from an old May 2020 release.  I'm trying to reconfigure the web connectors in a multi node environment. Everything went fine with the web connector install and they are working from the central node.  Our 2nd node seems to be failing when trying to connect.

I've gone through most of the setup suggestions I could find for the web connector deploy.conf file but I'm not having any luck.  our old site didn't use SSL but this was the last thing I was going to try.

I've tried everything in this article:  https://help.qlik.com/en-US/connectors/Subsystems/Web_Connectors_help/Content/Connectors_QWC/Adminis...

When I go to bind the cert to port 5555 I'm getting a "parameter incorrect" error (on the command line)

I've also tried going into Netsh first and running the command but it still fails with the same error.

I've tried writing the command a few different ways and swapping out different parameters but I'm not having any luck.

Here's the command I'm trying to use.  I'm wondering if the GUID for web connectors could be wrong?
C:\windows\system32\netsh http add sslcert ipport=0.0.0.0:5555 certstorename=Root certhash=?C44C54B23C2FFAA8CFF3B74ACFF4D894D53F45F6 appid={004FC337-C805-4623-8E5B-B2FCE18F0719}

Labels (3)
Labels
878 Views
0 Likes
1 Solution

Accepted Solutions
mattdetwiler
Contributor III
‎2024-02-27 10:20 AM
Author

So this morning I sat down and gave it a good look.  Even though I had checked for any special characters somehow a ? slipped into the beginning of the cert thumbprint. 

This is super strange since I copied it directly from the command line (and it's not in my text file).

After removing the ? the cert was added properly.

View solution in original post

814 Views
5 Replies
Ray_Strother
Support
‎2024-02-26 02:12 PM

Hello ,

Please make sure you updated the server in the host.config file and stated in the instructions.

https://help.qlik.com/en-US/connectors/Subsystems/Web_Connectors_help/Content/Connectors_QWC/Adminis...
862 Views
mattdetwiler
Contributor III
‎2024-02-26 02:29 PM
Author

In response to Ray_Strother

Do you mean deploy.config?  I wasn't seeing a host.,config but my name in the deploy file is the same as the host/CA I used for the cert.

But I guess I should also ask, should that be the www site address or is it ok to have the local machine name/domain since they are both on site?  It is currently set to the local FQDN

843 Views
mattdetwiler
Contributor III
‎2024-02-27 10:20 AM
Author

So this morning I sat down and gave it a good look.  Even though I had checked for any special characters somehow a ? slipped into the beginning of the cert thumbprint. 

This is super strange since I copied it directly from the command line (and it's not in my text file).

After removing the ? the cert was added properly.

815 Views
shaan007
Partner - Creator
‎2025-01-24 01:51 AM

I am having the same issue. But there is no character '?' in my hash. I followed all the instructions correctly. 

netsh http add sslcert ipport=0.0.0.0:5555 certstorename=Root certhash=‎4925AE174EF2CFE6976DC4A7DD2C7F6462100EE2 appid={004FC337-C805-4623-8E5B-B2FCE18F0719}

Note: in MMC , for the step >> Move the certificate from Personal > Certificates to Trusted Root Certification Authorities > Certificates I cut and paste the certificate from Personal to TRC. 

Help needed.

 

 

324 Views
0 Likes
shaan007
Partner - Creator
‎2025-01-24 01:54 AM

In response to shaan007

This is fixed. there was a space when I copied the string to the command prompt window.

certhash=" "4925AE174EF2CFE6976DC4A7DD2C7F6462100EE2

 

323 Views
0 Likes
Top