Skip to main content

Qlik

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements
Qlik Connect 2024! Seize endless possibilities! LEARN MORE
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
vinaykasireddy
Contributor
Contributor
‎2019-11-30 07:04 AM

Secure Ark findings says Qlik sense still allowing SSL 3.0 connections

Hi. We are using Qlik Sense November 2017 edition (11.24.1) installed in windows server 2016. Recently during security audit findings. SecureArk scans showed that Qlik sense is still allowing SSL 3.0 connection over the ports 443, 4242, 4899, 5050,5151. We are very much sure we disabled all the protocols except TLS1.2. We restarted the servers, but still the scan results finds that SSL 3.0 connections are passing through. Client is not allowing to pass the report unless there is a proper justification. Can someone throw light on why still Qlik Sense is allowing the protocols that are disabled already.

Attached the screen shot of secureark findings.

Labels (8)
Labels
Preview file
42 KB
429 Views
0 Likes
1 Reply
Levi_Turner
Employee
Employee
‎2019-12-04 06:02 AM

How were those protocols disabled? Because Qlik Sense Enterprise just inherits the available protocols / cipher suites from the Windows OS.

What are the settings for this registry path:

  • HKLM SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Client
  • HKLM SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Server

I'd encourage consulting with your organization to see if there are gold standard scripts to handle things, but if you're on your own you can leverage a tool like IISCrypto to set things appropriately in the Windows registry.

353 Views