Skip to main content

Qlik

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements
Join us at Qlik Connect for 3 magical days of learning, networking,and inspiration! REGISTER TODAY and save!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Senor_Dai
Partner - Creator II
Partner - Creator II
‎2024-07-16 11:07 AM

TLS 1.3 Qliksense

Hi,

 

Ive seen from support articles that TLS 1.2 is not yet supported in Qliksense however this is a workaround outlined.  

We really need to implement TLS 1.3 as a requirement from our customers.  Would amending the registry like achieve this ?

Screenshot 2024-07-16 at 15.56.38.png

In the above example Ive added registry keys for TLS 1.0 to 1.3 and 'disabled' all apart from 1.3 which I have enabled.

Will this be detrimental to how QlikSense functions ?

 

Many thanks,

 

Dai

Labels (1)
Labels
501 Views
0 Likes
3 Replies
mpc
Partner - Specialist II
Partner - Specialist II
‎2024-07-16 12:22 PM

Hi, 

Enabling TLS 1.3 will cause errors, as mentioned in this KB: https://community.qlik.com/t5/Official-Support-Articles/Opening-the-Qlik-Sense-hub-shows-An-error-oc...

Here some informations about differences between TLS 1.2 and 1.3. You can disable weak cipher suits through IIS Crypto recommended settings: https://www.nartac.com/Products/IISCrypto

If access by TLS 1.3 is mandatory, you should put Qlik Sense beyond a Reverse Proxy, which handle the certificate

Kind regards

From Next Decision and mpc with love
It helps, like it, It solves, mark it
479 Views
Senor_Dai
Partner - Creator II
Partner - Creator II
‎2024-07-16 12:34 PM
Author

In response to mpc

Hi @mpc 

Thanks for the response. 

We are running QlikSense on Windows 2022 server - whereas the article you referenced mentions Windows Server 2012, 2016 and 2019 only. Would TLS 1.3 still not work?

Can you outline what's involved by putting QlikSense beyond a Reverse Proxy?

Much appreciated

Dai

471 Views
0 Likes
mpc
Partner - Specialist II
Partner - Specialist II
‎2024-07-17 02:52 AM

The KB is quite confusing indeed, because it's mention Windows Server 2012 2016 2019 or Qlik Sense all versions: 

Neither the listed versions of Windows, nor Qlik Sense Enterprise on Windows support TLS 1.3. See Supported TLS and SSL Protocols and Ciphers.
In the link above: 

Qlik Sense Enterprise on Windows:

  • Full Support for TLS 1.2 from version June 2017 
  • TLS 1.3/2.0 are not yet fully supported [Internal Reference ID: SHEND-1269]

By putting Qlik Sense behind a Reverse Proxy, you'll be able to use for 1.2 TLS for Qlik Sense services communications, and through the Reverse Proxy, use a 1.3 TLS certificates, to communicate from user browser to Qlik Sense Proxy. 

Please find the schema bellow: 

mpc_0-1721199086656.png

It this more clear ? 

Kind regards

 

 

 

From Next Decision and mpc with love
It helps, like it, It solves, mark it
430 Views
0 Likes