1 Reply Latest reply: Feb 5, 2017 5:43 PM by Patric Amatulli RSS

    .NET SDK - Certificate Authentication Handshake error

    Patric Amatulli

      Hi,

       

      i am trying to access the Qliksense Server (3.1.5) using Certificate Method from a webapi application (hosted on an IIS server installed on the Qliksense  server).

      Neither https and http are working when trying to authenticated via Qlik Engine.

       

      Following error message is returned:

       

      Http (suppose relies on SSL):

      HTTP request failed! - Status 500: Internal Server Error | {"Message":"Connection failed after 4 attempts. Error message:\r\n  The handshake failed due to an unexpected packet format.\r\n  The handshake failed due to an unexpected packet format.\r\n  The handshake failed due to an unexpected packet format.\r\n  The handshake failed due to an unexpected packet format."}

       

      Https:
      Error: Unable to read data from the transport connection: An established connection was aborted by the software in your host machine.

       

      Code Snippet:

      • Host: ServerIP
      • Port: Empty string
      • QSCERT: client.pfx
      • QSPWD: 123 (same as indicated during the certificate export via QMC)

       

       

                      var uri = new Uri(host + port);
                      ILocation location = Qlik.Engine.Location.FromUri(uri);
                     X509Certificate2 x509 = new X509Certificate2();
                      //PAM: Create X509Certificate2 object from .cer file.
                      Util.WriteLog("Info: Certificate -> " + QSCERT);
                      byte[] rawData = File.ReadAllBytes(System.Web.HttpContext.Current.Server.MapPath("~/Certificate/") + QSCERT);
                      Util.WriteLog("Info: Certificate Pwd -> " + QSCERTPWD);
                      x509.Import(rawData, QSCERTPWD, X509KeyStorageFlags.MachineKeySet);
                      X509Certificate2Collection certificateCollection = new X509Certificate2Collection(x509);
                      // Defining the location as a direct connection to Qlik Sense Server
                      location.AsDirectConnection(domain, userId, certificateValidation: QSCERTVALIDATION,  certificateCollection: certificateCollection);
                      return location;
      
      
      

       

      The client certificate was exporter from the QMC adding the IP Adress of the server where the webapi code is executed (same as Qliksense server):

       

      Capture.PNG

       

      And imported in the Local Store of the Local Machine:

       

      Capture2.PNG

       

      And finally added in the folder of my webapi application:

       

       

      capture3.PNG

       

       

       

      What is my mistake in all the procedures?

       

      Thanks for your help!

       

      Kind regards,
      Patric