Do not input private or sensitive data. View Qlik Privacy & Cookie Policy.
Skip to main content

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements
Qlik and ServiceNow Partner to Bring Trusted Enterprise Context into AI-Powered Workflows. Learn More!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
fabdulazeez
Partner - Creator III
Partner - Creator III
‎2025-09-16 08:34 AM

Guidance on “Unverified Insecure SSH Private Key” flagged by Defender for Cloud

Defender for Cloud has raised an alert: “Unverified insecure SSH Private Key.”
It appears to be pointing to the Exported Certificates folder created by Qlik Sense.

C:\ProgramData\Qlik\Sense\Repository\Exported Certificates

I would like to know:

  1. How can we mitigate this alert?

  2. Is it safe to delete all the folders within Exported Certificates including .Local?

  3. What would be the impact on Qlik Sense services if these folders are deleted?

  4. Is there an alternative approach (e.g., securing or relocating the keys) instead of deletion?

We have a single node Qlik sense Enterprise on Windows may 2025 version on azure VM.

Labels (1)
Labels
557 Views
1 Solution

Accepted Solutions
Daniele_Purrone
Support
Support
‎2025-09-16 09:37 AM

Hi @fabdulazeez ,

those certificates are not explicitly used by Qlik Sense Enterprise during its activity.

They are just exports that are usually manually created by the administrators when needed for third party purposes (like API calls).
See https://community.qlik.com/t5/Official-Support-Articles/Export-client-certificate-and-root-certifica... and https://help.qlik.com/en-US/sense-admin/May2025/Subsystems/DeployAdministerQSE/Content/Sense_DeployA...

Once the certificates have been properly reimported for use by third party tools or the user making the API calls, they can be deleted or stored in another safe location. They can also be re-exported to the same folder in any moment, if needed.

I hope this clarifies it!

Daniele

Daniele - Principal Technical Support Engineer & SaaS Support Coordinator at Qlik
If a post helps to resolve your issue, please accept it as a Solution.

View solution in original post

508 Views
3 Replies
Daniele_Purrone
Support
Support
‎2025-09-16 09:37 AM

Hi @fabdulazeez ,

those certificates are not explicitly used by Qlik Sense Enterprise during its activity.

They are just exports that are usually manually created by the administrators when needed for third party purposes (like API calls).
See https://community.qlik.com/t5/Official-Support-Articles/Export-client-certificate-and-root-certifica... and https://help.qlik.com/en-US/sense-admin/May2025/Subsystems/DeployAdministerQSE/Content/Sense_DeployA...

Once the certificates have been properly reimported for use by third party tools or the user making the API calls, they can be deleted or stored in another safe location. They can also be re-exported to the same folder in any moment, if needed.

I hope this clarifies it!

Daniele

Daniele - Principal Technical Support Engineer & SaaS Support Coordinator at Qlik
If a post helps to resolve your issue, please accept it as a Solution.
509 Views
fabdulazeez
Partner - Creator III
Partner - Creator III
‎2025-09-16 10:18 AM
Author

Is it same for the ".Local Certificates" folder ?

473 Views
0 Likes
Daniele_Purrone
Support
Support
‎2025-09-16 10:41 AM

Yes. None of the certificates used in "Exported Certificates" are actively used.

If you want to be safe, you can zip the folders and store them somewhere else.

Daniele - Principal Technical Support Engineer & SaaS Support Coordinator at Qlik
If a post helps to resolve your issue, please accept it as a Solution.
457 Views