
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
ERR_SSL_KEY_USAGE_INCOMPATIBLE Error After Qlik Replicate Windows Patch/Upgrade
Oct 3, 2024 1:53:17 AM
May 22, 2023 8:59:03 AM
After upgrading from Windows 10 to Windows 11, or applying certain patches to Windows Server 2016, Qlik Replicate may not load in the browser.
The following error is displayed:
ERR_SSL_KEY_USAGE_INCOMPATIBLE
Data Integration Products November 2021.11 or lower require a manual generation of SSL certificates for use. See Step 5 (options one and two) in the solution provided below.
Environment
Qlik Replicate 2022.11 (may happen with other versions)
Qlik Compose 2022.5 (may happen with other versions)
Qlik Enterprise Manager 2022.11 (may happen with other versions)
Use of the self-signed SSL certificate
Windows 11
Windows server 2016
Resolution
This issue has to do with the self-signed SSL certificate. Deleting the existing one and allowing Qlik Replicate/Compose/Enterprise Manager to regenerate them resolves the issue.
- Stop the services for all affected software. Example: AttunityReplicateUIConsole, Qlik Compose or Qlik Enterprise Manager.
- (This step only applies to Qlik Replicate) Rename the data folder under the SSL folder (\Program Files\Attunity\Replicate\data\ssl\data)
- Delete self-signed certificates in the management console
- Open a command prompt and enter MMC to open the console (on Windows Server, open "Manage computer certificates")
- Click the File drop-down menu and select Add/Remove snap-in
- Select Certificates and click Add
- Select Computer account. Click Next, then click Finish.
- Click OK to close the Add or Remove Snap-ins window
- Open Certificates and navigate to Local Computer, then Personal, then Certificates
- In the list of certificates shown, select the certificates where the "Issued To" value and the "Issued By" value equal your computer name and delete them.
- Close the Management Console.
- Next we will remove the reference to the self-signed certificate in Qlik Replicate:
- Open a command prompt As Administrator
For Qlik Replicate:
Navigate to the ..\Attunity\Replicate\bin directory and then run the following command:
RepUiCtl.exe certificate clean
Navigate to the ..\Qlik\Compose\bin directory and then run the following command:
For Qlik Compose:
ComposeCtl.exe certificate clean
For Qlik Enterprise Manager:
Navigate to the ..\Attunity\Enterprise Manager\bin directory and then run the following command:
aemctl.exe certificate clean - Run the command: netsh http delete sslcert ipport=0.0.0.0:443
Note, that you may get a message that the command failed in the event there are no certificates bound to the port. This message can be ignored.
- Open a command prompt As Administrator
- Add either a self-signed Certificate or a trusted and signed Organization Certificate.
Option One: Trusted and Signed Certificate. Generate an organization certificate that must be a correctly configured SSL PFX file containing both the private key and the certificate.
Option Two: Self-Signed Certificate. Generate a self-signed certificate on the server to replace the existing self-signed certificate. The provided PowerShell examples generate an SSL certificate for 10 years.
Run the following in PowerShell:
$cert = New-SelfSignedCertificate -certstorelocation cert:\localmachine\my -dnsname <FQDN> -NotAfter (Get-Date).AddYears(10) - Once the certificates have been obtained or generated, follow the instructions for the individual product section on how to import a certificate:
- Start the services.
- You may need to clear browser cache/cookies & etc. before you can access the web page outside of incognito mode.
Qlik Replicate will now allow you to open the user interface once again.
If users still cannot log in and are returned to the log in prompt at each attempt, see How to change the Qlik Replicate URL on a Windows host.It is recommended to use your organization certificates
Related Content:
How to change the Qlik Replicate URL on a Windows host
.png)
- Mark as Read
- Mark as New
- Bookmark
- Permalink
- Report Inappropriate Content
Thanks @Dana_Baldwin ! This helped on my Windows machine where post Windows 11 upgrade I could not get my Replicate console to display.
I was seeing this message in the UI.
After following these steps, resolved the issue.

- Mark as Read
- Mark as New
- Bookmark
- Permalink
- Report Inappropriate Content
I got the same error from Replicate and Compose after Windows 11 installed on my laptop (previous version is Windows 10). I followed the steps in this post; and got the ERR_SSL_KEY_USAGE_INCOMPATIBLE issue resolved. A new issue is that I cannot log in to my local Replicate and Compose running on Windows 11 (the login window keeps pupping up to ask use name and password). The same user name and password are working well in remotely logging in my team shared Replicate and Compose running on Windows 10. I also do not have any issue of using the same user name and password in logging in other applications on my laptop.
My Replicate version is 2021.11.0.266; and my Compose version is 2021.8.0.725. Could you advise if this is a known issue? Do you have a solution to the issue?
Thanks,
Rick

- Mark as Read
- Mark as New
- Bookmark
- Permalink
- Report Inappropriate Content
Hi @Dana_Baldwin , multiple users are affected in our company due to a recent move to Windows 11, after following the steps above, the UI is still not able to authenticate the existing users
We have a case # 00101855 created for this issue.
Can you please follow up on priority with this?

- Mark as Read
- Mark as New
- Bookmark
- Permalink
- Report Inappropriate Content
Hello @Hrishikesh
Someone will be in touch with you regarding the open ticket. Please note that knowledge articles are not intended for immediate support, and a ticket was the right way to go if you require priority assistance.
All the best,
Sonja

- Mark as Read
- Mark as New
- Bookmark
- Permalink
- Report Inappropriate Content
Hi @rickrliu
I am not personally aware of this being a known issue. I think the best course if action is for you to open a support case to troubleshoot the issue.
Thanks,
Dana

- Mark as Read
- Mark as New
- Bookmark
- Permalink
- Report Inappropriate Content
the issue with the windows popup on the login for credential, so like a windows security on loopback.
see the below article: on how to disable loopback

- Mark as Read
- Mark as New
- Bookmark
- Permalink
- Report Inappropriate Content
Hi Support,
We have tried the above steps however it hasn't worked, and we are still seeing the ERR_SSL_KEY_USAGE_INCOMPATIBLE error when trying to access Replicate.
The environment where this is being done has both Qlik Replicate and Qlik Enterprise Manager installed on the same machine. Do the steps need to be carried out differently as a result?
When looking at the certificates in the Management Console, there are 2 listed, one of which we believe is the certificate for QEM. Is there any way to identify the certificate being used by Replicate?
Any feedback is greatly appreciated
Regards,
Nak

- Mark as Read
- Mark as New
- Bookmark
- Permalink
- Report Inappropriate Content
Hi @NakulanR
Please run: netsh http show sslcert ,, and check the hash to match with the cert hash in the mmc store

- Mark as Read
- Mark as New
- Bookmark
- Permalink
- Report Inappropriate Content
Hi Team,
I'm facing similar issue with QEM Nov 2021, I'm able to browse QEM from the server where it is installed, but I' not able to browse from other servers where user access is granted.
Please help in this.
Regards,
Manjunath

- Mark as Read
- Mark as New
- Bookmark
- Permalink
- Report Inappropriate Content
Hi @Manjunathps ,
In our case, clearing the browser cache in addition to the resolution steps at the start of this article helped to resolve the issue.