Skip to main content
Announcements
Have questions about Qlik Connect? Join us live on April 10th, at 11 AM ET: SIGN UP NOW
cancel
Showing results for 
Search instead for 
Did you mean: 
Not applicable

Unable to connect with hub using DotNet SDK with Certificate.

I am working with Dot Net window application, I need to get app list.

I am trying to connect with Qlik server  using Dot Net SDK and the approach I am following is using certificate.

But my code is giving error. I am using default virtual proxy.

Note: 1. Same certificate I am using to get QlikTicket successfully.

        2. I am able to get data from Qlik Server using Dot Net SDK when I am using AsStaticHeaderUserViaProxy() for different virtual                    proxy.

        3. Why I am not using AsStaticHeaderUserViaProxy(), because I do not want to create another virtual proxy with different header              setting.

Code:

                Uri uri = new Uri("https://ip-address:443");

                ILocation location = Qlik.Engine.Location.FromUri(uri);

         

                X509Certificate2 x509 = new X509Certificate2();

                byte[] rawData = ReadFile(@"E:\Projects\Qlick\QlikSenseSDK1\Certificate\client.pfx");

                x509.Import(rawData, "password@123", X509KeyStorageFlags.UserKeySet);

                X509Certificate2Collection certificateCollection = new X509Certificate2Collection(x509);

                location.AsDirectConnection("UserDirectory", "UserId", certificateCollection: certificateCollection);

                location.VirtualProxyPath = "virproxy";

                using (IHub hub = location.Hub())  //Error on this line

                {

                    string test = "QV Product: " + hub.QTProduct() +

                     "  Product Version: " + hub.ProductVersion() +

                     "  OS Name:    " + hub.OSName() +

                     "  OS Version: " + hub.OSVersion();

                }

Error Message:

  The remote certificate is invalid according to the validation procedure.

1 Solution

Accepted Solutions
Not applicable
Author

Hi,

Your URI is pointing to the proxy (port 443) but you are connecting directly to engine (.AsDirectConnection) so the connection will never succeed, You must decide if you want to connect thru the Proxy och directly to the Engine.

If you connect directly to the engine you must use the exported client certificate from the Sense and you should connect to port 4747 on the server (don forget you got to open this port on the windows firewall). You might also want to set certificateValidation:false.

If you connect thru the Proxy you can connect with an existing session ticket.
You will find more detailed descriptions and examples here Sample code for how to connect to Qlik Sense ‒ Qlik Sense

Best Regards

Lars-Göran Book

View solution in original post

4 Replies
Not applicable
Author

Hi,

Your URI is pointing to the proxy (port 443) but you are connecting directly to engine (.AsDirectConnection) so the connection will never succeed, You must decide if you want to connect thru the Proxy och directly to the Engine.

If you connect directly to the engine you must use the exported client certificate from the Sense and you should connect to port 4747 on the server (don forget you got to open this port on the windows firewall). You might also want to set certificateValidation:false.

If you connect thru the Proxy you can connect with an existing session ticket.
You will find more detailed descriptions and examples here Sample code for how to connect to Qlik Sense ‒ Qlik Sense

Best Regards

Lars-Göran Book

Not applicable
Author

Hi ext_lgb

Thanks allot for your reply. You really saved my time. Now i am successfully get authenticated and getting hub by changing port to 4747 and passing certificateValidation:false parameter.

Not applicable
Author

Hi,

will like to understand the impact of setting certificateValidation:false.

Is this due to the certificate being a self-signed certificate?

What's the impact if this setting is used in Production?

Thanks!

mow
Employee
Employee

Hi Ryan,

The certificate in Sense will on installation be issued to a specific host e.g. server.domain.com. In this case the user tried to connect with an IP address and not the full FQDN hence there were certificate warnings.

Ignoring certificate warnings i.e. setting certificateValidation:false should be considered a workaround and not a solution, so I wouldn't recommend using this option in production if the reason for the warnings is unknown.

Best Regards,

Mattias