Qlik Community

Qlik Sense Deployment & Management

Discussion board where members learn more about Qlik Sense Installation, Deployment and Management.

cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
Partner
Partner

TLS 1.3 for Qlik Sense?

Hi,

 

I'm trying to find documentation for the TLS version that Qlik Sense supports, but all I find is rather outdated.

 

Does anyone know if TLS 1.3 is supported, and how to disable other (older) TLS/SSL versions?

 

 

Cheers,

Vegard 🙂

Labels (3)
1 Solution

Accepted Solutions
Highlighted
Support
Support

Hi Vegard, 

 

As Kabir mentionned and as far as I am aware of TLS 1.3 is not fully supported for Qlik products.

See article :

https://support.qlik.com/articles/000041613

 

Regarding your question on how to disable other ssl/tls versions, they are several options to do it (e.g windows registry, powershell) but an easy way to achieve this is with this freeware: 

https://www.nartac.com/Products/IISCrypto
 

You will only need to uncheck the protocols you no longer require - I would suggest you do  the same with the cipher suites you find not enough secured (it can also be done with this tool).

 

Hope it helps.

 

Best regards, 

Alexis 

Please don't forget to mark a correct resolution or answer to your problem or question as correct, as it will help other members to find solutions more easily 😉

View solution in original post

5 Replies
Highlighted
Luminary
Luminary

Hi,

I am not sure its fully supported. To my knowledge it supports 1.2

I found this on support but like you said its outdated -

As it comes to the right protocols, please see the list based on the public available information in November 2017.

QlikSense:

  • Qlik Sense 2.0.x and 2.1 and earlier only support TLS 1.0
  • Qlik Sense 2.2 and Qlik Sense 2.0.7 will get support for TLS 1.2
  • Qlik Sense 3.x, TLS 1.2 will be supported completely.
  • TLS 1.3/2.0 are not yet fully supported
Kabir
Please do not forget to the mark the post if you find it useful or provides you the solutions 🙂
Highlighted
Support
Support

Hi Vegard, 

 

As Kabir mentionned and as far as I am aware of TLS 1.3 is not fully supported for Qlik products.

See article :

https://support.qlik.com/articles/000041613

 

Regarding your question on how to disable other ssl/tls versions, they are several options to do it (e.g windows registry, powershell) but an easy way to achieve this is with this freeware: 

https://www.nartac.com/Products/IISCrypto
 

You will only need to uncheck the protocols you no longer require - I would suggest you do  the same with the cipher suites you find not enough secured (it can also be done with this tool).

 

Hope it helps.

 

Best regards, 

Alexis 

Please don't forget to mark a correct resolution or answer to your problem or question as correct, as it will help other members to find solutions more easily 😉

View solution in original post

Highlighted
Partner
Partner

Thank you! 🙂

I guess it would be nice if this article mentioned the Qlik releases with Month-Years as well, since 3.x is a while ago now. Especially when it comes to security.

Cheers,
Vegard 🙂
Highlighted
Partner
Partner

For other readers:


You can also user PowerShell to check what SSL/TLS version you have enabled, using the script on this site:
   https://www.thecodeasylum.com/testing-ssl-and-tls-with-powershell/

(Remember to change the DNS name on the last line in the script.)

 

And you can check what ciphers you have enabled using the powershell command:

Get-TlsCipherSuite | Format-Table Name

 

Even TLS 1.2 can have weak ciphers enabled.

Highlighted
Contributor II
Contributor II

You can still check with nmap for Windows. Latest stable release self-installer: nmap-7.80-setup.exe

Immediately shows the protocols used, security level of cyphers, recommendations for unsafe cyphers.

1.Run cmd.

2.cd nmap.

3. run command: nmap -script ssl-enum-ciphers -p 443 your_host.com