Solved: Re: how to implement SSL Certificate - Qlik Community

Tabish · ‎2022-01-04

Chip_Matejowsky · ‎2022-01-04

I'm moving this thread from the QlikView forum to the Qlik Sense forum so that it will be in the correct location and that you will likely get more responses.

Please refer to the Qlik Sense online Help entry Changing a proxy certificate for steps on how to replace an expired cert with a new cert. Also, Qlik Support article How to change the certificate used by the Qlik Sense Proxy to a custom third party certificate likely has some relevant information as well.

Please note that the Qlik Sense version you indicated, April 2019, lapsed for support assistance 9 months ago. If you need to request assistance from Qlik Support, you'll need to be running a supported version of Qlik Sense, so an upgrade is required. Refer to article Qlik Sense Enterprise on Windows Product Lifecycle for more details.

Best Regards

Principal Technical Support Engineer with Qlik Support
Help users find answers! Don't forget to mark a solution that worked for you!

View solution in original post

QlikMaster1 · ‎2022-01-04

Hi, without knowing your full breakdown of RIM nodes, if you don't have a specific Consumer or proxy node and passing them through to your central node direct. Then you would need to login to the central node or rim node that you have the ssl cert on and then open up the mmc and identify the current ssl cert - look for the thumbnail as you probably know this as part of your backup. Then remove this one and replace it with your new ssl cert by importing it into the MMC. Make sure you click to make it exportable and include private keys. Now take a note of the thumbnail. Go to your QMC and then Proxy, now tick the security tab on the proxy screen and then copy in your ssl thumbnail, you may find putting it in Notepad first useful. Remove spaces and any whitespace before the first letter. Once you have copied it in, wash and repeat if your have two rims set up for Proxy duties and saving the change by clicking apply. Your probably want to jump on the relevant box or boxes and restart the proxy service or just restarting all services on each box to flush out any cache cruft. Now when the environment has restarted you should be able to check your padlock and see the site running off the new cert.

View solution in original post

Chip_Matejowsky · ‎2022-01-04

Hi @Tabish,

I'm moving this thread from the QlikView forum to the Qlik Sense forum so that it will be in the correct location and that you will likely get more responses.

Please refer to the Qlik Sense online Help entry Changing a proxy certificate for steps on how to replace an expired cert with a new cert. Also, Qlik Support article How to change the certificate used by the Qlik Sense Proxy to a custom third party certificate likely has some relevant information as well.

Please note that the Qlik Sense version you indicated, April 2019, lapsed for support assistance 9 months ago. If you need to request assistance from Qlik Support, you'll need to be running a supported version of Qlik Sense, so an upgrade is required. Refer to article Qlik Sense Enterprise on Windows Product Lifecycle for more details.

Best Regards

Principal Technical Support Engineer with Qlik Support
Help users find answers! Don't forget to mark a solution that worked for you!

QlikMaster1 · ‎2022-01-04

Hi, without knowing your full breakdown of RIM nodes, if you don't have a specific Consumer or proxy node and passing them through to your central node direct. Then you would need to login to the central node or rim node that you have the ssl cert on and then open up the mmc and identify the current ssl cert - look for the thumbnail as you probably know this as part of your backup. Then remove this one and replace it with your new ssl cert by importing it into the MMC. Make sure you click to make it exportable and include private keys. Now take a note of the thumbnail. Go to your QMC and then Proxy, now tick the security tab on the proxy screen and then copy in your ssl thumbnail, you may find putting it in Notepad first useful. Remove spaces and any whitespace before the first letter. Once you have copied it in, wash and repeat if your have two rims set up for Proxy duties and saving the change by clicking apply. Your probably want to jump on the relevant box or boxes and restart the proxy service or just restarting all services on each box to flush out any cache cruft. Now when the environment has restarted you should be able to check your padlock and see the site running off the new cert.

test