Unlock a world of possibilities! Login now and discover the exclusive benefits awaiting you.
Hi. We are using Qlik Sense November 2017 edition (11.24.1) installed in windows server 2016. Recently during security audit findings. SecureArk scans showed that Qlik sense is still allowing SSL 3.0 connection over the ports 443, 4242, 4899, 5050,5151. We are very much sure we disabled all the protocols except TLS1.2. We restarted the servers, but still the scan results finds that SSL 3.0 connections are passing through. Client is not allowing to pass the report unless there is a proper justification. Can someone throw light on why still Qlik Sense is allowing the protocols that are disabled already.
Attached the screen shot of secureark findings.
How were those protocols disabled? Because Qlik Sense Enterprise just inherits the available protocols / cipher suites from the Windows OS.
What are the settings for this registry path:
I'd encourage consulting with your organization to see if there are gold standard scripts to handle things, but if you're on your own you can leverage a tool like IISCrypto to set things appropriately in the Windows registry.