Connecting using certificates

When using the Qlik Sense server certificate to connect, the connection is made directly against the Qlik Sense Repository Service (QRS) service URL, which means that port 4242 is used. The client certificate is obtained by exporting it from the Qlik Management Console (QMC) in PEM format including the secret key.

When using a certificate to authenticate, requests are made with full administrator rights. To run the commands as a specific user, add the X-Qlik-User header to use the security context of that user account.

// locate the client certificate and accept it as trusted

X509Certificate2 SenseCert = new X509Certificate2("c:\\client.pfx");

ServicePointManager.ServerCertificateValidationCallback = delegate { return true; };


//Create the HTTP Request and add required headers and content in xrfkey

string xrfkey = "0123456789abcdef";

HttpWebRequest request = (HttpWebRequest)WebRequest.Create(@"" + xrfkey);

request.Method = "GET";

request.Accept = "application/json";

request.Headers.Add("X-Qlik-xrfkey", xrfkey);

// Add the certificate to the request and provide the user to execute as


request.Headers.Add("X-Qlik-User", @"UserDirectory=internal;UserId=sa_repository");

// make the web request and return the content

HttpWebResponse response = (HttpWebResponse)request.GetResponse();

Stream stream = response.GetResponseStream();

Console.WriteLine(new StreamReader(stream).ReadToEnd());