Skip to main content

Official Support Articles

Search or browse our knowledge base to find answers to your questions ranging from account questions to troubleshooting error messages. The content is curated and updated by our global Support team

Announcements
QlikWorld 2023, a live, in-person thrill ride. Save $300 before February 6: REGISTER NOW!

Qlik Sense Enterprise on Windows: Internal Error while accessing Data Load Editor, Data Manager, and creating a new App

cancel
Showing results for 
Search instead for 
Did you mean: 
Vikram_Jayakumar

Qlik Sense Enterprise on Windows: Internal Error while accessing Data Load Editor, Data Manager, and creating a new App

Last Updated 19th October. See the new Resolution recommending new Microsoft KBs.

 

After a recent Windows System Update, accessing the Data Load Editor or Data Manger in Qlik Sense Enterprise on Windows fails intermittently with:

Internal error. Unique ID:

1.PNG

 

This may also happen when creating an App:

 

2.PNG

The app could not be created. Please try again.

 

Resolution

Microsoft has identified the root cause to be KB5018419 and resolved the issue in KB5020436 (Windows Server 2022) KB5020438 (Windows 10 Enterprise 2019), KB5018457 (Windows Server 2012), KB5020447 (Windows Windows 8.1 and Server 2012 R2), and KB5020439 (Windows 10, Windows Server 2016) respectively. 

To resolve:

  1. Download the appropriate Microsoft KB. Note that these KBs are not available from Windows Update and will not install automatically.
  2. Install the KB.
  3. Restart Windows.

For more detailed information, including affected platforms, see:

SSL/TLS handshake might fail (Windows Server 2022)
SSL/TLS handshake might fail (Windows 10 Enterprise 2019 LTSC Windows 10 IoT Enterprise 2019)
SSL/TLS handshake might fail (Windows 10, version 1607, all editions Windows Server 2016, all editions)
SSL/TLS handshake might fail (Windows Server 2012)
SSL/TLS handshake might fail (Windows 8.1 and Server 2012 R2)

 

Workaround

We recommend to use the permanent solution as outlined above. This workaround cannot be guaranteed to have the desired effect for all instances of the issue.  

If the resolution is currently not doable, using IISCrypto to configure your Schannel settings can be investigated as a temporary workaround. In it, we follow IISCrypto's Best Practices. 

Note: IIS Crypto is an example 3rd party tool that can be used to achieve this. IIS Crypto is not supported by Qlik, but by its respective vendor, NARTAC Software. To obtain IIS Crypto, visit https://www.nartac.com/Products/IISCrypto

Steps:

  1. Open IISCrypto and select SCHANNEL
  2. Click Best Practices 
  3. Click OK

    IIS Crypto Best Practices.png



 

Cause

The root cause is a recent Microsoft Security upgrade.

The currently suspected KBs* affecting Qlik Sense are:

KB5018419
KB5018474 (not confirmed)
KB5018410 
(not confirmed)

*This list is not exhaustive and may be updated if more are identified.

 

 

Environment:

Qlik Sense Enterprise on Windows 

 

Internal Investigation ID:

QB-15018
COG-3581

Labels (1)
Comments
SivenM2020
Partner - Contributor III
Partner - Contributor III

Hi,

What else can we check/do, If customers has applied this solution and it's still an issue.

(server rebooted to apply change)

 

Kind Regards,

Siven

Or
MVP
MVP

@Vikram_Jayakumar Clarification requested: Is this issue for the server having these updates applied, or the client (or both)?

Sonja_Bauernfeind
Digital Support
Digital Support

Hello @SivenM2020 

I would recommend logging a support ticket with a reference to this article. Our teams are actively working on finding out more information.

@Or Let me see if I can get an answer to this for you. 

All the best,
Sonja 

SivenM2020
Partner - Contributor III
Partner - Contributor III

Hi,

Both client and server has issue.

jesper_bagge
Contributor III
Contributor III

For the sake of transparency: what does "best practices" actually do? Is it just enabling/disabling the use of specific versions of encryption methods? Please elaborate.

SivenM2020
Partner - Contributor III
Partner - Contributor III

Hi,

@Sonja_Bauernfeind 

Case has been logged - 00056548

Please advise what log files are required, to speed up resolution.

Kind Regards,

Siven

 

Sonja_Bauernfeind
Digital Support
Digital Support

Hello @SivenM2020 I have alerted our support agents.

As for your original question: If you have made changes to the ciphers used through IISCrypto, verify that after a reboot the changes are still in place and/or that they have not been undone by a Group Policy on boot or a few minutes later. Group Policies may overwrite changes you attempt to do.

@jesper_bagge Essentially, yes. You can verify which protocols/ciphers are enabled or disabled based on the overview in the IISCrypto tool. We recommend this tool as it gives you an easy graphical overview and the changes applied match our supported protocols/ciphers.

We will continue to update this article as we find out more details about the root cause and as we identify additional solutions.

SivenM2020
Partner - Contributor III
Partner - Contributor III

Hi,

@Sonja_Bauernfeind , changes are still there. Server has been rebooted a few times to try and resolve issue.

 

jesper_bagge
Contributor III
Contributor III

I performed the steps mentioned in the OP and it seems to have resolved the issues we had on a single node installation. FYI: of the listed patches we only had KB5018474 installed on our system.

Kind regards
Jesper Bagge

jchoucq
Partner - Creator III
Partner - Creator III

Hi, and thank you for this article.

In a multinode architecture, does this Schannel have to be made on all nodes or just on specific ones ?

Thanks a lot and have a good day.

Johann

Version history
Last update:
‎2022-11-14 04:47 AM
Updated by: