3 Replies Latest reply: May 9, 2018 6:51 AM by Anwar Pardawala RSS

    Qlik Sense ADFS SSO

    Fabio Hora



      I already followed the three videos jog  posted and it covers almost all the case except when working with certificates from trusted root authority. What changes when using this instead or Qlik Sense certs? Do I need specific type of certificate or wildcard works?





        • Re: Qlik Sense ADFS SSO
          Jeffrey Goldberg



          So from a Qlik Sense perspective, you can use a named ssl cert for the Qlik Sense server or a wildcard cert.  The key piece is after you add the certificate to the Windows server and the thumbprint to Qlik Sense proxy, you have to regenerate the SP metadata from the virtual proxies page if you have already created the adfs virtual proxy.


          Then when you upload SP metadata to ADFS the certificate will be part of the information imported.


          As for the token signing and other certs for ADFS, those actually do not need to change, or can be set to certificates generated for ADFS.  While the video shows changing them, it is not necessary.  The problem with the default ADFS certs is that they expire after one year.  The Qlik Sense certs have a longer lifespan, that's one of the reasons why the video uses them.


          Hope this helps.


          Jeff G