I got some info from support from which I learn that there is an issue with TLS in SR16:
"...Due to critical flaw identified in Secure Socket Layer (SSL) version 3, see ref , Qlik R&D has enabled support for newer versions of Transport Layer Security (TLS) in QlikView 12 SR1. Unfortunately due to limitations in .NET framework version TLS v1.2 support cannot be implemented in QlikView 11.20. .."
QlikView 11.20 user myself, looking forward to all the good things QlikView 12.10 brings, but not a straightforward upgrade rather than a migration.
Nevertheless, I would challenge Qlik Support on that critical flaw (Heartbleed?) that should be patched using the newest version of the SSL implementation should it was the case. And if not, knowing the vulnerability would help to mitigate or fix it anyway.