https://community.qlik.com/t5/Management-Governance/TLS-1-3-Qliksense/m-p/2471001#M27666 <P>Hi&nbsp;<a href="https://community.qlik.com/t5/user/viewprofilepage/user-id/251190">@mpc</a>&nbsp;</P> <P>Thanks for the response.&nbsp;</P> <P>We are running QlikSense on Windows 2022 server - whereas the article you referenced mentions&nbsp;<SPAN>Windows Server 2012, 2016 and 2019 only. Would TLS 1.3 still not work?</SPAN><BR /><BR />Can you outline what's involved by putting QlikSense beyond a Reverse Proxy?</P> <P>Much appreciated</P> <P>Dai</P> Tue, 16 Jul 2024 16:38:52 GMT Senor_Dai 2024-07-16T16:38:52Z https://community.qlik.com/t5/Management-Governance/TLS-1-3-Qliksense/m-p/2470980#M27663 <P>Hi,</P> <P>&nbsp;</P> <P>Ive seen from support articles that TLS 1.2 is not yet supported in Qliksense however this is a <A href="https://community.qlik.com/t5/Official-Support-Articles/TLS-and-SSL-Support-in-Qlik-Sense-How-to-configure-Qlik-Sense/ta-p/1713720" target="_self">workaround outlined</A>.&nbsp;&nbsp;<BR /><BR /></P> <P>We really need to implement TLS 1.3 as a requirement from our customers.&nbsp; Would amending the registry like achieve this ?<BR /><BR /><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="Screenshot 2024-07-16 at 15.56.38.png" style="width: 447px;"><img src="https://community.qlik.com/t5/image/serverpage/image-id/169421i4E0D725C7D680FFC/image-dimensions/447x256?v=v2" width="447" height="256" role="button" title="Screenshot 2024-07-16 at 15.56.38.png" alt="Screenshot 2024-07-16 at 15.56.38.png" /></span><BR /><BR />In the above example Ive added registry keys for TLS 1.0 to 1.3 and 'disabled' all apart from 1.3 which I have enabled.<BR /><BR />Will this be detrimental to how QlikSense functions ?</P> <P>&nbsp;</P> <P>Many thanks,</P> <P>&nbsp;</P> <P>Dai</P> Tue, 16 Jul 2024 15:07:39 GMT https://community.qlik.com/t5/Management-Governance/TLS-1-3-Qliksense/m-p/2470980#M27663 Senor_Dai 2024-07-16T15:07:39Z https://community.qlik.com/t5/Management-Governance/TLS-1-3-Qliksense/m-p/2470997#M27665 <P>Hi,&nbsp;</P> <P>Enabling TLS 1.3 will cause errors, as mentioned in this KB:&nbsp;<A href="https://community.qlik.com/t5/Official-Support-Articles/Opening-the-Qlik-Sense-hub-shows-An-error-occurred-Error/ta-p/2427754" target="_blank">https://community.qlik.com/t5/Official-Support-Articles/Opening-the-Qlik-Sense-hub-shows-An-error-occurred-Error/ta-p/2427754</A><BR /><BR />Here some informations about differences between TLS 1.2 and 1.3. You can disable weak cipher suits through IIS Crypto recommended settings:&nbsp;<A href="https://www.nartac.com/Products/IISCrypto" target="_blank">https://www.nartac.com/Products/IISCrypto</A><BR /><BR />If access by TLS 1.3 is mandatory, you should put Qlik Sense beyond a Reverse Proxy, which handle the certificate</P> <P>Kind regards</P> Tue, 16 Jul 2024 16:22:05 GMT https://community.qlik.com/t5/Management-Governance/TLS-1-3-Qliksense/m-p/2470997#M27665 mpc 2024-07-16T16:22:05Z https://community.qlik.com/t5/Management-Governance/TLS-1-3-Qliksense/m-p/2471001#M27666 <P>Hi&nbsp;<a href="https://community.qlik.com/t5/user/viewprofilepage/user-id/251190">@mpc</a>&nbsp;</P> <P>Thanks for the response.&nbsp;</P> <P>We are running QlikSense on Windows 2022 server - whereas the article you referenced mentions&nbsp;<SPAN>Windows Server 2012, 2016 and 2019 only. Would TLS 1.3 still not work?</SPAN><BR /><BR />Can you outline what's involved by putting QlikSense beyond a Reverse Proxy?</P> <P>Much appreciated</P> <P>Dai</P> Tue, 16 Jul 2024 16:38:52 GMT https://community.qlik.com/t5/Management-Governance/TLS-1-3-Qliksense/m-p/2471001#M27666 Senor_Dai 2024-07-16T16:38:52Z https://community.qlik.com/t5/Management-Governance/TLS-1-3-Qliksense/m-p/2471087#M27670 <P>The KB is quite confusing indeed, because it's mention Windows Server 2012 2016 2019 or Qlik Sense all versions:&nbsp;</P> <P><SPAN>Neither the listed versions of Windows, <STRONG>nor</STRONG> Qlik Sense Enterprise on Windows support TLS 1.3. See&nbsp;</SPAN><A href="https://community.qlik.com/t5/Official-Support-Articles/Supported-TLS-and-SSL-Protocols-and-Ciphers/ta-p/1710345#:~:text=TLS%201.3/2.0%20are%20not%20yet%20fully%20supported%20%5BInternal%20Reference%20ID%3A%C2%A0SHEND%2D1269%5D" target="_blank" rel="noopener">Supported TLS and SSL Protocols and Ciphers</A><SPAN>.<BR />In the link above:&nbsp;<BR /></SPAN></P> <H3 id="toc-hId-1254250992"><FONT color="#339966"><SPAN><STRONG>Qlik Sense Enterprise on Windows:</STRONG></SPAN></FONT></H3> <UL> <LI>Full Support for<FONT color="#339966"><SPAN>&nbsp;</SPAN><STRONG>TLS 1.2</STRONG></FONT>&nbsp;from version June 2017&nbsp;</LI> <LI><STRONG>TLS 1.3/2.0 are not yet fully supported<SPAN>&nbsp;</SPAN></STRONG>[Internal Reference ID:&nbsp;SHEND-1269]</LI> </UL> <P>By putting Qlik Sense behind a Reverse Proxy, you'll be able to use for 1.2 TLS for Qlik Sense services communications, and through the Reverse Proxy, use a 1.3 TLS certificates, to communicate from user browser to Qlik Sense Proxy.&nbsp;<BR /><BR />Please find the schema bellow:&nbsp;</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="mpc_0-1721199086656.png" style="width: 400px;"><img src="https://community.qlik.com/t5/image/serverpage/image-id/169454i2C89E9D6E58505D2/image-size/medium?v=v2&amp;px=400" role="button" title="mpc_0-1721199086656.png" alt="mpc_0-1721199086656.png" /></span></P> <P>It this more clear ?&nbsp;<BR /><BR />Kind regards</P> <P>&nbsp;</P> <P>&nbsp;</P> <P><SPAN>&nbsp;</SPAN></P> Wed, 17 Jul 2024 06:52:03 GMT https://community.qlik.com/t5/Management-Governance/TLS-1-3-Qliksense/m-p/2471087#M27670 mpc 2024-07-17T06:52:03Z