Dynamic hypercube creation fails when embedding Qlik Sense analytics

I’m working on embedding Qlik Sense visualizations into our custom portal using the Engine API. When I try to create dynamic hypercubes programmatically, the WebSocket connection fails with certificate validation errors. The static visualizations work fine, but any attempt to create on-the-fly hypercubes through the API throws trust errors.

Here’s the connection attempt:

const enigma = require('enigma.js');
const config = {
  url: 'wss://qlik-server:4747/app/myapp',
  createSocket: (url) => new WebSocket(url)
};

I’ve exported the Qlik server certificate and added it to our Node.js trusted store, but mutual TLS authentication still blocks the dynamic operations. Has anyone successfully set up certificate trust for Engine API connections in an embedded scenario? Our security team requires mutual TLS, so skipping certificate validation isn’t an option.

Yes, you’ll need to use the ws library with custom options. The default WebSocket doesn’t support certificate options. Also make sure your Qlik Sense server is configured to accept the client certificate’s CA in the QMC under Certificates management. I’ve seen cases where the server-side trust wasn’t properly configured even though client certs were valid.

Quick tip: enable detailed TLS debugging in Node.js with NODE_DEBUG=tls environment variable. This will show you exactly where the certificate validation is failing - whether it’s chain validation, client cert presentation, or hostname verification. Saved me hours of troubleshooting on a similar project.