Qlik Sense Enterprise on Windows: Internal Error while accessing Data Load Editor, Data Manager, and creating a new App

Vikram_Jayakumar · Nov 14, 2022 4:47:09 AM

Last Updated 19th October. See the new Resolution recommending new Microsoft KBs.

After a recent Windows System Update, accessing the Data Load Editor or Data Manger in Qlik Sense Enterprise on Windows fails intermittently with:

Internal error. Unique ID:

This may also happen when creating an App:

The app could not be created. Please try again.

Resolution

Microsoft has identified the root cause to be KB5018419 and resolved the issue in KB5020436 (Windows Server 2022) KB5020438 (Windows 10 Enterprise 2019), KB5018457 (Windows Server 2012), KB5020447 (Windows Windows 8.1 and Server 2012 R2), and KB5020439 (Windows 10, Windows Server 2016) respectively.

To resolve:

Download the appropriate Microsoft KB. Note that these KBs are not available from Windows Update and will not install automatically.
Install the KB.
Restart Windows.

For more detailed information, including affected platforms, see:

SSL/TLS handshake might fail (Windows Server 2022)
SSL/TLS handshake might fail (Windows 10 Enterprise 2019 LTSC Windows 10 IoT Enterprise 2019)
SSL/TLS handshake might fail (Windows 10, version 1607, all editions Windows Server 2016, all editions)
SSL/TLS handshake might fail (Windows Server 2012)
SSL/TLS handshake might fail (Windows 8.1 and Server 2012 R2)

Workaround

We recommend to use the permanent solution as outlined above. This workaround cannot be guaranteed to have the desired effect for all instances of the issue.

If the resolution is currently not doable, using IISCrypto to configure your Schannel settings can be investigated as a temporary workaround. In it, we follow IISCrypto's Best Practices.

Note: IIS Crypto is an example 3rd party tool that can be used to achieve this. IIS Crypto is not supported by Qlik, but by its respective vendor, NARTAC Software. To obtain IIS Crypto, visit https://www.nartac.com/Products/IISCrypto.

Steps:

Open IISCrypto and select SCHANNEL
Click Best Practices
Click OK

Cause

The root cause is a recent Microsoft Security upgrade.

The currently suspected KBs* affecting Qlik Sense are:

KB5018419
KB5018474 (not confirmed)
KB5018410 (not confirmed)

*This list is not exhaustive and may be updated if more are identified.

Environment:

Qlik Sense Enterprise on Windows

Internal Investigation ID:

QB-15018
COG-3581

SivenM2020 · ‎2022-10-18

Hi,

What else can we check/do, If customers has applied this solution and it's still an issue.

(server rebooted to apply change)

Kind Regards,

Siven

Or · ‎2022-10-18

@Vikram_Jayakumar Clarification requested: Is this issue for the server having these updates applied, or the client (or both)?

Sonja_Bauernfeind · ‎2022-10-18

Hello @SivenM2020

I would recommend logging a support ticket with a reference to this article. Our teams are actively working on finding out more information.

@Or Let me see if I can get an answer to this for you.

All the best,
Sonja

SivenM2020 · ‎2022-10-18

Hi,

Both client and server has issue.

jesper_bagge · ‎2022-10-18

For the sake of transparency: what does "best practices" actually do? Is it just enabling/disabling the use of specific versions of encryption methods? Please elaborate.

SivenM2020 · ‎2022-10-18

Hi,

@Sonja_Bauernfeind

Case has been logged - 00056548

Please advise what log files are required, to speed up resolution.

Kind Regards,

Siven

Sonja_Bauernfeind · ‎2022-10-18

Hello @SivenM2020 I have alerted our support agents.

As for your original question: If you have made changes to the ciphers used through IISCrypto, verify that after a reboot the changes are still in place and/or that they have not been undone by a Group Policy on boot or a few minutes later. Group Policies may overwrite changes you attempt to do.

@jesper_bagge Essentially, yes. You can verify which protocols/ciphers are enabled or disabled based on the overview in the IISCrypto tool. We recommend this tool as it gives you an easy graphical overview and the changes applied match our supported protocols/ciphers.

We will continue to update this article as we find out more details about the root cause and as we identify additional solutions.

SivenM2020 · ‎2022-10-18

Hi,

@Sonja_Bauernfeind , changes are still there. Server has been rebooted a few times to try and resolve issue.

jesper_bagge · ‎2022-10-18

I performed the steps mentioned in the OP and it seems to have resolved the issues we had on a single node installation. FYI: of the listed patches we only had KB5018474 installed on our system.

Kind regards
Jesper Bagge

jchoucq · ‎2022-10-18

Hi, and thank you for this article.

In a multinode architecture, does this Schannel have to be made on all nodes or just on specific ones ?

Thanks a lot and have a good day.

Johann

Qlik Sense Enterprise on Windows: Internal Error while accessing Data Load Editor, Data Manager, and creating a new App