Issue at the time of logging in the Qlik Sense server using the generated ticket

[mohdanasabbasi]

Hi goldbergjeffery, We are using Qlik Sense for one of the module in our product. We have a .NET portal on which we display our Qlik sense reports. I have gone through the instructions whatever you have suggested on the video as well as on the github , but we are facing few issues when we tried doing the same in our case.They are as follows-

Basically We are facing the issue at the time of login into the Qlik Sense server as the qsticket is getting generated. We are using the following link for authentication in QS server- https:///sense/app/c2eded0d-bea2-4882-b81a-4965870500dc?qlikTicket=

and we are appending the value of web ticket into the above URL.

Please suggest a possible way out of this. Request to give your valuable comments on this.

Thanks, Anas

[goldbergjeffrey]

On the first error, you need to make sure you are using the QlikClient cert with the private key added to the cert. In addition, you will need the root certificate for the Qlik Sense server generated certs to go along with the QlikClient to complete the certificate path.

On the second issue, I notice from the screen shots you are trying to go through the central virtual proxy with a webticket I presume was created through a different virtual proxy. Tickets are claimed on the virtual proxy they were issued. Is there a reason why you are redirecting to the central virtual proxy?

[mohdanasabbasi]

@goldbergjeffrey When I exported the certificates through QMC, I have included the private key in it and in total there were 3 certificates which got exported in a folder,

Out of these 3, we have already installed two i.e. client and server on the IIS but left the 'root certificate', , as per your suggestions I will install the root certificate also. Just a doubt!, do we have to install all the three certificates on the IIS? And under which category should I install the root certificate (personal or trusted Root Certification?)

---

As I mentioned before I am using the following link for the authentication and appending it with the qsticket which I'm getting from aspx- https://hostname/sense/app/c2eded0d-bea2-4882-b81a-4965870500dc?qlikTicket=

No there isn't any reason to redirect to the central virtual proxy, it's just i didn't have an idea how to write an URL to claim the ticket on the virtual proxy from which it was issued. Can you please suggest me the correct syntax to create an URL that I can append with the received 'qsticket'. Name of virtual proxy-_'adhocodr'

---

One more thing that I forgot to mention,as you know we are using a .NET portal to display the reports, so we are using the same web application for qsticket also. And at the time of logging in into the portal we use Forms authentication for the credentials and we use the same Portal User ID to generate a qsticket ,as you have mentioned in your video that we have to disable all the authentication method other than Anonymous. But we cannot do it in our case, so is it one of the reason we are getting the errors? Is it must to disable the forms authentication?

Thanks, Anas

[mohdanasabbasi]

Hi jeffery, I tried changing the URL by adding the virtual proxy name in it. But its till not working. Getting the same error"Content was blocked because of invalid security certificate". I used following URL this time- https://servername/virtualproxy/hub/?qlikTicket= to access the hub, and also tried-- https://hostname/virtualproxy/sense/app/c2eded0d-bea2-4882-b81a-4965870500dc?qlikTicket= but neither of them worked for me.

I have installed the root certificate on IIS in MMC under trusted Root Certification category. Waiting for your valuable suggestions. Cannot find a way out of this :-(

Thanks, Anas