Unlock a world of possibilities! Login now and discover the exclusive benefits awaiting you.
Hi,
i'm trying to get a ticket-id from the qlik api for severaly days now and it seems i can't get any further with this on my own..
so, i exportet the certificate as pem files from the qms and stored them locally.
Now i want to make a php/curl post request for getting a ticket. My code looks as follows.(quite similar to the example i found in the documentation)
$urlbase = "https://myserver:4243/qps/ticket";
$xrf = "0123456789abcdef";
$url = $urlbase . "?Xrfkey=".$xrf;
//Set up the required headers
$ch = curl_init($url);
$QRSCertfile = "mypathto\client.pem";
$QRSCertkeyfile = "mypathto\client_key.pem";
$QRsRoot = "SSL\croot.pem";
$headers = array(
"UserId"=>"Administrator",
"UserDirectory"=> "CENTRAL",
);
//Create Connection using Curl
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLINFO_HEADER_OUT, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $headers);
curl_setopt($ch, CURLOPT_SSLCERT, $QRSCertfile);
curl_setopt($ch, CURLOPT_SSLKEY, $QRSCertkeyfile);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($ch, CURLOPT_CERTINFO, 1);
$response = curl_exec($ch);
print_r([curl_getinfo($ch),$response]);
The response i get is a 403, with the following informations:
[http_code] => 403 [header_size] => 254
[request_size] => 204 [filetime] => -1
[ssl_verify_result] => 20
[redirect_count] => 0
[total_time] => 0.312
[namelookup_time] => 0.094
[connect_time] => 0.125
[pretransfer_time] => 0.281
[size_upload] => 263
[size_download] => 55 [speed_download] => 55
[speed_upload] => 263
[download_content_length] => -1
[upload_content_length] => 263
[starttransfer_time] => 0.281
[redirect_time] => 0
[certinfo] => Array ( [0] => Array ( [Subject] => CN = qlik-sense [Issuer] => CN = qlik-sense-CA [Version] => 2 [Serial Number] =>....
after serial number follows a lot of cryptic information, which is why i guess that the certificate is found and used..
the response body contains this information:
XSRF prevention check failed. Possible XSRF discovered. )
so, i would be really grateful if someone could tell me the reason for this issue.
Is there a need to give curl the other pem files (server,server_key,root) and how do i do this? Or is anything wrong with my xrf-syntax?
I googled a lot, but couldn't find a proper solution.
Thanks in advance
Edit:
I managed to find whats wrong with my XRF, had to mention it in the header. But the Certificate Problem isn't solved yet.
Edit2:
Added the root certificate to my cacert.pem, now i get ssl_verify_result 0 instead of twenty. But still responsecode 400. I