Skip to main content

Qlik Community

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements
Product Release Webinar: Qlik Insider airing December 6! REGISTER TODAY!

Disable RC4 stream cipher in QlikView May 2022 (12.70) SR1 or higher

No ratings
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Daniele_Purrone
Support
Support
‎2022-10-03 10:43 AM

Disable RC4 stream cipher in QlikView May 2022 (12.70) SR1 or higher

Last Update:

Oct 4, 2022 2:28:21 AM

Updated By:

Daniele_Purrone

Is it possible to disable the non-secure RC4 cipher in QlikView?

 

Environment

 

Resolution

QlikView 12.70  SR1 introduces the possibility of disabling RC4.

This will require applying a change to the QlikView Management Service and QlikView WebServer’s config settings and the QlikView Server's settings.ini.

This will also require applying a change to every client that needs to use the Open In Server (QlikView Desktop) functionality and for every client that uses the IE-Plugin on Microsoft Edge (Internet Explorer is no longer supported). 

 

Note: Clients using only AJAX (browser) or only opening local files (QlikView Desktop) will not require a setting change.

LIMITATION: disabling RC4 is currently not supported if QlikView Desktop or the IE-Plugin are running on Windows 2022.

 

Server-Side changes:

  1. On all nodes, stop the QlikView WebServer (or Setting Service) and QlikView Management Service
  2. Take a backup copy of the QVManagementService.exe.config (under C:\Program Files\QlikView\Management Service) and the QVWebServer.exe.config (under C:\Program Files\QlikView\Server\Web Server) config files
  3. Using a text editor with administrator permissions, edit the two above-mentioned config files
  4. Change ”true” in the line <add key="EnableRC4" value="true" /> --> to ”false”
  5. Save the files and close
  6. Restart the services

 

Further server-side changes (only needed for "Open in Server" and "IE-plugin"):

  1. On all nodes, stop the QlikView Server (QVS.exe) service
  2. Find the servers’ settings.ini files and take a backup copy
  3. Edit the files
  4. Change the line SessionAlgorithm=Legacy to SessionAlgorithm=CALG_AES_128
  5. Save the files and close
  6. Restart the QVS.exe service

 

Client-side changes:

(to be applied to each client using the IE-Plugin or the QlikView Desktop client's "Open in Server" functionality)
  1. For each client, find the settings.ini file and take a backup copy
  2. Edit the file
  3. Change the line SessionAlgorithm=Legacy to SessionAlgorithm=CALG_AES_128
  4. Save the file and close
  5. Relaunch the client or browser

 

IMPORTANT: when using the IE-plugin or "Open In Server" the server and the clients will need to run on the same SessionAlgorithm, either Legacy (RC4 enabled) or CALG_AES_128 (RC4 disabled). Using different algorithms will break the connectivity between a client and a server. AJAX is not affected by this and does not require client-side changes. Changes are also not required if a Desktop client is only used to open local files (no connection to QVS).

QlikView
Thumbnail of QlikView
QlikView
Labels (1)
Labels:
927 Views
Was this article helpful? Yes No
Contributors
Version history
Last update:
‎2022-10-04 05:28 AM
Updated by:
Support