Qlik Community

Qlik Sense Integration, Extensions, & APIs

Discussion board where members can learn more about Integration, Extensions and API’s for Qlik Sense.

Announcements
Qlik Analytics Tour 2020 Online. Begins August 10th. Register Today
cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
Contributor III
Contributor III

SSL Error in api call (works with one server and doesn't with another)

I would like to know, is it important who verified the SSL certificate? I have two Qlik servers and one of them works with API call correctly and another does not. I explained the error message and the difference between two machines. Can you tell me if this difference raise that error or I should look for something else?

 

The Error message which I get from calling qlik API (by pthon) says :

in send raise SSLError(e, request=request) requests.exceptions.SSLError: HTTPSConnectionPool(host='crp-qlik-11.corp.xxxx.ca', port=4242): Max retries exceeded with url: /qrs/task/start/synchronous?name=ReloadTrigger&xrfkey=1234567890123456 (Caused by SSLError(SSLError("bad handshake: SysCallError(10054, 'WSAECONNRESET')")))

I know there is one difference between 2 servers. It's on the SSL certificate. They set up by two different people. Both have a valid SSL certificate but with different properties for verified.

The main difference is on who verified them. They are like this:

website: crp-bisb-02.corp.xxxx.ca
verified by:  crp-bisb-02.corp.xxxx.ca-CA
python result: work correctly

The result of cURL on those Qlik URL is like this:

C:\>curl -v https://crp-bisb-02.corp.xxxx.ca
* Rebuilt URL to: https://crp-bisb-02.corp.xxxx.ca/
* Trying 10.XX.XX.58...
* TCP_NODELAY set
* Connected to crp-bisb-02.corp.xxxx.ca (10.XX.XX.58) port 443 (#0)
* schannel: SSL/TLS connection with crp-bisb-02.corp.xxxx.ca port 443 (step 1/3)
* schannel: checking server certificate revocation
* schannel: sending initial handshake data: sending 189 bytes...
* schannel: sent initial handshake data: sent 189 bytes
* schannel: SSL/TLS connection with crp-bisb-02.corp.xxxx.ca port 443 (step 2/3)
* schannel: failed to receive handshake, need more data
* schannel: SSL/TLS connection with crp-bisb-02.corp.xxxx.ca port 443 (step 2/3)
* schannel: encrypted data got 1817
* schannel: encrypted data buffer: offset 1817 length 4096
* schannel: next InitializeSecurityContext failed: Unknown error (0x80092012) - The revocation function was unable to check revocation for the certificate.
* Closing connection 0
* schannel: shutting down SSL/TLS connection with crp-bisb-02.corp.xxxx.ca port 443
* schannel: clear security context handle
curl: (35) schannel: next InitializeSecurityContext failed: Unknown error (0x80092012) - The revocation function was unable to check revocation for the certificate.

 ############################################################

 ############################################################

 ############################################################

 ############################################################

website: crp-qlik-11.corp.xxxx.ca
verified by:  CORP-EnterpriseRootCA
python result:  raise the error

C:\>curl -v https://crp-qlik-11.corp.xxxx.ca
* Rebuilt URL to: https://crp-qlik-11.corp.xxxx.ca/
* Trying 10.XX.XX.59...
* TCP_NODELAY set
* Connected to crp-qlik-11.corp.xxxx.ca (10.XX.XX.59) port 443 (#0)
* schannel: SSL/TLS connection with crp-qlik-11.corp.xxxx.ca port 443 (step 1/3)
* schannel: checking server certificate revocation
* schannel: sending initial handshake data: sending 189 bytes...
* schannel: sent initial handshake data: sent 189 bytes
* schannel: SSL/TLS connection with crp-qlik-11.corp.xxxx.ca port 443 (step 2/3)
* schannel: failed to receive handshake, need more data
* schannel: SSL/TLS connection with crp-qlik-11.corp.xxxx.ca port 443 (step 2/3)
* schannel: encrypted data got 1911
* schannel: encrypted data buffer: offset 1911 length 4096
* schannel: sending next handshake data: sending 93 bytes...
* schannel: SSL/TLS connection with crp-qlik-11.corp.xxxx.ca port 443 (step 2/3)
* schannel: encrypted data got 51
* schannel: encrypted data buffer: offset 51 length 4096
* schannel: SSL/TLS handshake complete
* schannel: SSL/TLS connection with crp-qlik-11.corp.xxxx.ca port 443 (step 3/3)
* schannel: stored credential handle in session cache
> GET / HTTP/1.1
> Host: crp-qlik-11.corp.xxxx.ca
> User-Agent: curl/7.55.1
> Accept: */*
>
* schannel: client wants to read 102400 bytes
* schannel: encdata_buffer resized 103424
* schannel: encrypted data buffer: offset 0 length 103424
* schannel: encrypted data got 131
* schannel: encrypted data buffer: offset 131 length 103424
* schannel: decrypted data length: 102
* schannel: decrypted data added: 102
* schannel: decrypted data cached: offset 102 length 102400
* schannel: encrypted data buffer: offset 0 length 103424
* schannel: decrypted data buffer: offset 102 length 102400
* schannel: schannel_recv cleanup
* schannel: decrypted data returned 102
* schannel: decrypted data buffer: offset 0 length 102400
< HTTP/1.1 301 Moved Permanently
< Location: https://crp-qlik-11.corp.xxxx.ca/hub/
< Content-Length: 0
<
* Connection #0 to host crp-qlik-11.corp.xxxx.ca left intact

Tags (3)