Solved: How resolve problem with CA-signed certificate on ... - Qlik Community

waterscg · ‎2022-06-28

I performed the steps listed in How to configure a .pfx certificate for use with N... - Qlik Community - 1711079, Installing Qlik NPrinting certificates ‒ Qlik NPrinting, and Install SSL certificate to NPrinting - Qlik Community - 1238004; specifically I placed my CA-signed .crt and .key files in C:\ProgramData\NPrinting\webconsoleproxy, uncommented and updated that directory's app.conf's http.sslcert and http.sslkey values to use those two files, and then cycled the Web Engine service.

When I browse to my NPrinting (May 2021 SR3) server using just the server name (e.g., https://ServerName:4993), the page displays correctly; i.e., no warnings appear. But when I browse to it using the FQDN (e.g., https://ServerName.domain.com:4993), the message "not secure" appears.

The certificate is issued to the FQDN. The Subject Alternative Name has an entry for the FQDN and an entry for just the server name.

I'm stumped. Any suggestions?

waterscg · ‎2022-06-30

Thanks for the replies. I've discovered that the "not secure" warning occurs only on my PC and only with Edge and Firefox; the warning doesn't occur with Chrome nor with Edge InPrivate; surprisingly, the warning occurs with Firefox, in both normal and private windows. Other users are not encountering the warning at all.

My desktop support team will be analyzing my PC to try to determine what the problem is.

I created this incident because I'm struggling with getting Qlik Sense On-Demand Reporting to work. I (mistakenly believed) the problem was related to the certificate on the NPrinting server. I'll create a new post for that issue. 🙂

View solution in original post

Lech_Miszkiewicz · ‎2022-06-29

Hi,

I always suggest following the help document instructions to make sure you dont miss anything: https://help.qlik.com/en-US/nprinting/May2021/Content/NPrinting/DeployingQVNprinting/Installing-ssl-...

Steps in articles you mentioned should be the same but in case you missed something I suggest to make sure all steps from help document are done.

Is your certificate issued by 3rd party trusted authority or self signed?
is it issued to specific FQDN or just wildcard domain cert like "*.yourdomain.com" ?
do you see anything in the logs (c$\ProgramData\NPrinting\Logs?

at the end it is important what do you see when you check the certificate from the browser side. As you can see in the example below mine is a wildcard issued to all "*.domain.com.au " domain, so yours should have there FQDN written, does it?

cheers Lech, When applicable please mark the correct/appropriate replies as "solution" (you can mark up to 3 "solutions". Please LIKE threads if the provided solution is helpful to the problem.

Frank_S · ‎2022-06-29

Agreed.

The certificate should contain the FQDN.
You can also verify this on the certification path tab.

Please remember hit the 'Like' button and for helpful answers and resolutions, click on the 'Accept As Solution' button. Cheers!

waterscg · ‎2022-06-30

Thanks for the replies. I've discovered that the "not secure" warning occurs only on my PC and only with Edge and Firefox; the warning doesn't occur with Chrome nor with Edge InPrivate; surprisingly, the warning occurs with Firefox, in both normal and private windows. Other users are not encountering the warning at all.

My desktop support team will be analyzing my PC to try to determine what the problem is.

I created this incident because I'm struggling with getting Qlik Sense On-Demand Reporting to work. I (mistakenly believed) the problem was related to the certificate on the NPrinting server. I'll create a new post for that issue. 🙂

How resolve problem with CA-signed certificate on my NPrinting server?

Qlik NPrinting May 2021 SR3

Qlik Sense