Skip to main content

Qlik

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements
Accelerate Your Success: Fuel your data and AI journey with the right services, delivered by our experts. Learn More
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
AldyPs
Partner - Contributor
Partner - Contributor
‎2024-07-17 04:51 AM

SSL Medium Strength Cipher Suites Supported (SWEET32) : port 443

Hi Team,

I got result file from itsec team, after they done VA scan via nessus with the description like this :

"The remote host supports the use of SSL ciphers that offer medium strength encryption. Nessus regards medium strength as any encryption that uses key lengths at least 64 bits and less than 112 bits, or else that uses the 3DES encryption suite.

Note that it is considerably easier to circumvent medium strength encryption if the attacker is on the same physical network."

my question is this is relate with configure new SSL or other issue ? can you help me for fixed this issue

Labels (2)
Labels
616 Views
0 Likes
1 Solution

Accepted Solutions
Dana_Baldwin
Support
Support
‎2024-07-17 04:59 PM

Hi @AldyPs 

The following is true for Qlik Data Integration products (Replicate, Enterprise Manager, Compose, etc.). I am not sure about Data Analytics products:

We can offer the following guide (https://community.qlik.com/t5/Official-Support-Articles/Disabling-Weak-Cipher-suites-for-TLS-1-2-on-...) on how to disable weak ciphers on a Windows machine, all the management is through the OS level not application level. We cannot advise on specific settings as that is out of our scope.

Hope this helps!

Dana

View solution in original post

565 Views
3 Replies
mpc
Partner - Specialist
Partner - Specialist
‎2024-07-17 05:18 AM

Hi, 

Please use on your Windows Server IIS Crypto recommended settings: https://www.nartac.com/Products/IISCrypto

Kind regards

From Next Decision and mpc with love
603 Views
0 Likes
Dana_Baldwin
Support
Support
‎2024-07-17 04:59 PM

Hi @AldyPs 

The following is true for Qlik Data Integration products (Replicate, Enterprise Manager, Compose, etc.). I am not sure about Data Analytics products:

We can offer the following guide (https://community.qlik.com/t5/Official-Support-Articles/Disabling-Weak-Cipher-suites-for-TLS-1-2-on-...) on how to disable weak ciphers on a Windows machine, all the management is through the OS level not application level. We cannot advise on specific settings as that is out of our scope.

Hope this helps!

Dana

566 Views
AldyPs
Partner - Contributor
Partner - Contributor
‎2024-07-22 11:32 AM
Author

Hi all,

thanks for sharing your experience, my issue has been solved.

Best regards

508 Views