! The information in this article is provided as-is and to be used at own discretion. Depending on tool(s) used, customization(s), and/or other factors ongoing support on the solution below may not be provided by Qlik Support.
Note: All the steps below need to be performed by Windows Administrator on Windows level. These steps are not supported by Qlik Support. Consult Windows Support before proceeding.
All cipher suites used for TLS by Qlik Sense is based on the windows configuration (schannel). So if windows is configured not to allow these suites Qlik Sense should be secure.
In general, Qlik do not specifically provide which cipher to enable or disable. Here's what is documented under Protecting the Platform: "The security in Qlik Sense does not depend only on the Qlik Sense software. It also relies on the security of the environment that Qlik Sense operates in. This means that the security of, for example, the operating system and the cryptographic protocols (such as TLS/SSL) has to be set up and configured to provide the security needed for Qlik Sense."
Please refer to fig 1:
And the instructions are as follows: This policy setting determines the cipher suites used by the Secure Socket Layer (SSL). If you enable this policy setting, SSL cipher suites are prioritized in the order specified.
If you disable or do not configure this policy setting, the factory default cipher suite order is used.