Skip to main content

Official Support Articles

Search or browse our knowledge base to find answers to your questions ranging from account questions to troubleshooting error messages. The content is curated and updated by our global Support team

Announcements
NEW webinar Dec. 7th: 2023 Outlook, A Pivotal Year for Data Integration SIGN ME UP!

Disable RC4 stream cipher in QlikView May 2022 (12.70) SR1 or higher

cancel
Showing results for 
Search instead for 
Did you mean: 
Daniele_Purrone
Support
Support

Disable RC4 stream cipher in QlikView May 2022 (12.70) SR1 or higher

Is it possible to disable the non-secure RC4 cipher in QlikView?

 

Environment

 

Resolution

QlikView 12.70  SR1 introduces the possibility of disabling RC4.

This will require applying a change to the QlikView Management Service and QlikView WebServer’s config settings and the QlikView Server's settings.ini.

This will also require applying a change to every client that needs to use the Open In Server (QlikView Desktop) functionality and for every client that uses the IE-Plugin on Microsoft Edge (Internet Explorer is no longer supported). 

 

Note: Clients using only AJAX (browser) or only opening local files (QlikView Desktop) will not require a setting change.

LIMITATION: disabling RC4 is currently not supported if QlikView Desktop or the IE-Plugin are running on Windows 2022.

 

Server-Side changes:

  1. On all nodes, stop the QlikView WebServer (or Setting Service) and QlikView Management Service
  2. Take a backup copy of the QVManagementService.exe.config (under C:\Program Files\QlikView\Management Service) and the QVWebServer.exe.config (under C:\Program Files\QlikView\Server\Web Server) config files
  3. Using a text editor with administrator permissions, edit the two above-mentioned config files
  4. Change ”true” in the line <add key="EnableRC4" value="true" /> --> to ”false”
  5. Save the files and close
  6. Restart the services

 

Further server-side changes (only needed for "Open in Server" and "IE-plugin"):

  1. On all nodes, stop the QlikView Server (QVS.exe) service
  2. Find the servers’ settings.ini files and take a backup copy
  3. Edit the files
  4. Change the line SessionAlgorithm=Legacy to SessionAlgorithm=CALG_AES_128
  5. Save the files and close
  6. Restart the QVS.exe service

 

Client-side changes:

(to be applied to each client using the IE-Plugin or the QlikView Desktop client's "Open in Server" functionality)
  1. For each client, find the settings.ini file and take a backup copy
  2. Edit the file
  3. Change the line SessionAlgorithm=Legacy to SessionAlgorithm=CALG_AES_128
  4. Save the file and close
  5. Relaunch the client or browser

 

IMPORTANT: when using the IE-plugin or "Open In Server" the server and the clients will need to run on the same SessionAlgorithm, either Legacy (RC4 enabled) or CALG_AES_128 (RC4 disabled). Using different algorithms will break the connectivity between a client and a server. AJAX is not affected by this and does not require client-side changes. Changes are also not required if a Desktop client is only used to open local files (no connection to QVS).

Labels (1)
Version history
Last update:
‎2022-10-04 05:28 AM
Updated by:
Contributors