Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

TrustAnchor with subject "CN=XXX" is not a CA certificate - self signed certificates #83

Open
matteoredaelli opened this issue Apr 3, 2020 · 1 comment
Open

TrustAnchor with subject "CN=XXX" is not a CA certificate - self signed certificates #83

matteoredaelli opened this issue Apr 3, 2020 · 1 comment
Labels
bug

Comments

@matteoredaelli
Copy link

matteoredaelli commented Apr 3, 2020
edited
Loading

Error

Execution error (ValidatorException) at sun.security.validator.PKIXValidator/verifyTrustAnchor (PKIXValidator.java:404).
TrustAnchor with subject "CN=myhost-CA" is not a CA certificate

My code is

(let [response (sync/get "https://myhost:4242/qrs/about"
                           {:ssl-cert "./client.pem"
                            :ssl-key "./client_key.pem"
                            :ssl-ca-cert "./root.pem"
                            :insecure? true
                            ;;:validate-hostnames false
                            :accept :json
                            :headers {"x-qlik-xrfkey" "0123456789abcdef" "X-Qlik-User" "UserDirectory=internal;UserId=sa_repository"}
                            :query-params {"xrfkey" "0123456789abcdef"}}
                            )]
    (println (slurp (:body response)))))

Works with curl

it works if I run

curl --cert ./client.pem --insecure --key ./client_key.pem https://myhost:4242/qrs/about?xrfkey=0123456789abcdef --header "x-qlik-xrfkey: 0123456789abcdef" --header "X-Qlik-User: UserDirectory=internal;UserId=sa_repository" -v
https://help.qlik.com/en-US/sense-developer/February2020/Subsystems/RepositoryServiceAPI/Content/Sense_RepositoryServiceAPI/RepositoryServiceAPI-Example-Connect-cURL-Certificates.htm

Environment

  • Clojure 1.10.1
  • Platform Debian testing x64
@matteoredaelli
Copy link
Author

matteoredaelli commented Apr 9, 2020
edited
Loading

It seems that there are some problems with the certificate.

https://support.qlik.com/articles/000075724?_ga=2.200529190.949720287.1586415512-412842315.1585901982

My code works with the latest qliksense release but not with the older.

In any case with curl, python, nodejs and prolog(!!!) I have no problem with both qliksense releases..

is the "--insecure" option of curl more powerful than the clojure one?

@matteoredaelli matteoredaelli mentioned this issue Apr 9, 2020
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@matteoredaelli