Unlock a world of possibilities! Login now and discover the exclusive benefits awaiting you.
Hi,
I'm trying to find documentation for the TLS version that Qlik Sense supports, but all I find is rather outdated.
Does anyone know if TLS 1.3 is supported, and how to disable other (older) TLS/SSL versions?
Cheers,
Vegard 🙂
Hi Vegard,
As Kabir mentionned and as far as I am aware of TLS 1.3 is not fully supported for Qlik products.
See article :
https://support.qlik.com/articles/000041613
Regarding your question on how to disable other ssl/tls versions, they are several options to do it (e.g windows registry, powershell) but an easy way to achieve this is with this freeware:
https://www.nartac.com/Products/IISCrypto
You will only need to uncheck the protocols you no longer require - I would suggest you do the same with the cipher suites you find not enough secured (it can also be done with this tool).
Hope it helps.
Best regards,
Alexis
Hi,
I am not sure its fully supported. To my knowledge it supports 1.2
I found this on support but like you said its outdated -
As it comes to the right protocols, please see the list based on the public available information in November 2017.
QlikSense:
Hi Vegard,
As Kabir mentionned and as far as I am aware of TLS 1.3 is not fully supported for Qlik products.
See article :
https://support.qlik.com/articles/000041613
Regarding your question on how to disable other ssl/tls versions, they are several options to do it (e.g windows registry, powershell) but an easy way to achieve this is with this freeware:
https://www.nartac.com/Products/IISCrypto
You will only need to uncheck the protocols you no longer require - I would suggest you do the same with the cipher suites you find not enough secured (it can also be done with this tool).
Hope it helps.
Best regards,
Alexis
For other readers:
You can also user PowerShell to check what SSL/TLS version you have enabled, using the script on this site:
https://www.thecodeasylum.com/testing-ssl-and-tls-with-powershell/
(Remember to change the DNS name on the last line in the script.)
And you can check what ciphers you have enabled using the powershell command:
Get-TlsCipherSuite | Format-Table Name
Even TLS 1.2 can have weak ciphers enabled.
You can still check with nmap for Windows. Latest stable release self-installer: nmap-7.80-setup.exe
Immediately shows the protocols used, security level of cyphers, recommendations for unsafe cyphers.
1.Run cmd.
2.cd nmap.
3. run command: nmap -script ssl-enum-ciphers -p 443 your_host.com