Unlock a world of possibilities! Login now and discover the exclusive benefits awaiting you.
Hi Qlik Community,
I am posting QIB-NLU inquiry here as no thread is found in the drop-down list.
I have tried to connect QIB-NLU with the certificates issued by my QlikSense Server & also tried with SSL-Certificate (issued by Certified Authority) but in both cases i am unable to connect both machines, please note that QIB & QS are installed on same machines.
Below are the logs taken from QIB-NLU-Configuration File:
}
2019-10-18 15:13:52.5062|INFO|Configuration|CreateAgent|Creating new agent for Qlik Insight Bot nlu
2019-10-18 15:13:52.5212|INFO|Configuration|SendRequest|Sending request with following parameter
2019-10-18 15:13:52.5322|INFO|Configuration|SendRequest|Method: Post
2019-10-18 15:13:53.4148|ERROR|Configuration|SendRequest|Error while sending request with following parameter
2019-10-18 15:13:53.4289|ERROR|Configuration|SendRequest|The remote server returned an error: (401) Unauthorized.
2019-10-18 15:13:53.4419|ERROR|Configuration|SendRequest|{
"status": "error",
"message": "NLU configuration failed."
}
2019-10-18 15:13:53.4549|ERROR|Configuration|CreateAgent|Error while creating agent
2019-10-18 15:13:53.4689|ERROR|Configuration|CreateAgent|{
"status": "error",
"message": "NLU configuration failed."
}
2019-10-18 15:13:53.4830|ERROR|Component Configuration|ConfigureNLU|{
"status": "error",
"message": "NLU configuration failed."
}
To be more specific, when you go to the status page check the certificate being used. Is it the one you are expecting? As far as which one to use, I would use the SSL provided by a trusted CA.
To troubleshoot ,I would try getting to the NLU from a browser on your QS/QIB Windows machine: https://your.nlu.domain.com:5000.
Check the certificate in the browser, what does it say?
Also, can you provide some detail on your certs in the NLU box. For example, which commands you used to create the cert files and the directory you placed them in.
@treysmithdev Thanks for the reply as per for instructions, i have already tried & checked opening NLU in windows machine through browser, its opening perfectly with not accepting the certificate.
My main question is that "Which certificates should i give to both machines to communicate:
1. SSL - Certificate (issued by Domain Service Provider)
or
2. QS & QIB - Both are installed on same machine (Machine Certificate generated through QMC) &
if i use the machine certificates then which should be used, "client.pfx" or "server.pfx" or "root.cer" ... ... ?
Certificates-folder is mapped in the yml-file
To be more specific, when you go to the status page check the certificate being used. Is it the one you are expecting? As far as which one to use, I would use the SSL provided by a trusted CA.
SSL Certificate is applied successfully & it working fine as per your shared snapshots.
Now in next step, i am getting the error as per screenshot, support is needed to resolve this issue.
Below message request is coming upon setting-up NLU-Configuration on NLU-Machine
Below are the log for the above activity:
}
2019-10-21 23:42:44.4833|INFO|Configuration|CreateAgent|Creating new agent for Qlik Insight Bot nlu
2019-10-21 23:42:44.4963|INFO|Configuration|SendRequest|Sending request with following parameter
2019-10-21 23:42:44.5073|INFO|Configuration|SendRequest|Method: Post
2019-10-21 23:42:45.4988|ERROR|Configuration|SendRequest|Error while sending request with following parameter
2019-10-21 23:42:45.5128|ERROR|Configuration|SendRequest|The remote server returned an error: (401) Unauthorized.
2019-10-21 23:42:45.5238|ERROR|Configuration|SendRequest|{
"status": "error",
"message": "NLU configuration failed."
}
2019-10-21 23:42:45.5358|ERROR|Configuration|CreateAgent|Error while creating agent
2019-10-21 23:42:45.5358|ERROR|Configuration|CreateAgent|{
"status": "error",
"message": "NLU configuration failed."
}
2019-10-21 23:42:45.5598|ERROR|Component Configuration|ConfigureNLU|{
"status": "error",
"message": "NLU configuration failed."
}
Hi Friends
I ned a help, i have a valid certificate (CA) on PFX format, this certificate is wildcard *.mydomain.com and is usted on each site QlikSense, NLP and NLU, on NLU i splited on pem files (CRT and Key) with the following commands
openssl pkcs12 -in Cert.pfx -nocerts -out NluEnc.key
openssl rsa -in NluEnc.key -out nlu_key.pem
openssl pkcs12 -in Cert.pfx -clcerts -nokeys -out nlu_crt.pem
Then i stored the certificates on home/nlu/Certificates the path configured on docker-compose.yml is the default
environment:
POSTGRES_HOST: nlu_db
isHttps: "True"
CertificatePath: "/nlu/Certificates/"
When i tested the NLU URL opens well but without certificate
Install your certificate in Linux / NLU Machine by using following commands:
$ /usr/local/share/ca-certificate
$ sudo apt-get install ca-certificates -y
$ sudo dpkg-reconfigure ca-certificates
$ sudo update-ca-certificates
If the error still exists then install it manually from the list of certificates.
Restart your instance after the above configurations & run your containers after checking the status of Docker.
Cheers.
Hi mranarshad81
Thanks for the answer, i tried to install the certificates following the steps, but not worked, also i researched and found the same commands but with a different path $ /usr/share/ca-certificate/extra i stored on this folder and execute the commands, the terminal console show me the following message
2 added, 0 removed; done.
Processing triggers for ca-certificates (20180409) ...
Updating certificates in /etc/ssl/certs...
2 added, 0 removed; done.
Running hooks in /etc/ca-certificates/update.d...
done.
I restarted the NLU server and then laucnh the NLU sudo docker-compose up but noy works, the problem is the same
Hi
I forget say that the certificates was generated by GoDaddy and for the procedure made on $ /usr/share/ca-certificate/extra folder, i converted the PEM file to CRT file
What are your volume settings in your docker-compose.yml file?