Unlock a world of possibilities! Login now and discover the exclusive benefits awaiting you.
Hi,
I already followed the three videos jog posted and it covers almost all the case except when working with certificates from trusted root authority. What changes when using this instead or Qlik Sense certs? Do I need specific type of certificate or wildcard works?
Thanks,
Fabio
Fabio,
So from a Qlik Sense perspective, you can use a named ssl cert for the Qlik Sense server or a wildcard cert. The key piece is after you add the certificate to the Windows server and the thumbprint to Qlik Sense proxy, you have to regenerate the SP metadata from the virtual proxies page if you have already created the adfs virtual proxy.
Then when you upload SP metadata to ADFS the certificate will be part of the information imported.
As for the token signing and other certs for ADFS, those actually do not need to change, or can be set to certificates generated for ADFS. While the video shows changing them, it is not necessary. The problem with the default ADFS certs is that they expire after one year. The Qlik Sense certs have a longer lifespan, that's one of the reasons why the video uses them.
Hope this helps.
Jeff G
Fabio,
So from a Qlik Sense perspective, you can use a named ssl cert for the Qlik Sense server or a wildcard cert. The key piece is after you add the certificate to the Windows server and the thumbprint to Qlik Sense proxy, you have to regenerate the SP metadata from the virtual proxies page if you have already created the adfs virtual proxy.
Then when you upload SP metadata to ADFS the certificate will be part of the information imported.
As for the token signing and other certs for ADFS, those actually do not need to change, or can be set to certificates generated for ADFS. While the video shows changing them, it is not necessary. The problem with the default ADFS certs is that they expire after one year. The Qlik Sense certs have a longer lifespan, that's one of the reasons why the video uses them.
Hope this helps.
Jeff G
Hi Jeff,
I know this is an old post but i have a related query.
If i have done no Configuration and starting from scratch, than i dont need to change the procedure shown in those 3 videos. Just instead of QS self Sign Cert i can use Trusted Cert and everything else remain the same, please correct me if wrong.
Regards,
Anwar
Any Inputs on the above, Also how does the URL change with using Trusted cert? how does a user navigate to the Hub?
Regards,
Anwar