Unlock a world of possibilities! Login now and discover the exclusive benefits awaiting you.
Currently, our setup involves a single-node installation of November 2022 Qlik sense Enterprise.
The vulnerability scanning tool on the client side, such as Nessus, has issued multiple warning stating, "The SSL certificate for this service cannot be trusted." It's important to note that we restrict user access to Qlik Sense from external sources. Instead, we solely rely on the Engine API with certificate trust for data retrieval and access the Hub exclusively from the server. This warning has been raised for multiple ports, including 3389 and 4239.
The recommendation from the tool is to "Purchase or generate a proper SSL certificate for this service."
Although we understand that third-party SSL certificates can be employed for accessing the Hub, I'm uncertain whether this warning will persist unless we delete the self-signed certificate generated by Qlik. Could someone provide guidance on the best approach to resolve this issue?
Please take a look at this blog post
Hi Maria,
While I understand that we can use custom SSL certificate for accessing the Qlik Sense Hub and Management Console, I am trying to see if there is any way to hide the the existing self signed certificate that cannot be deleted as they're essential for protecting communication between services.
I'm contemplating requesting a restriction on access from every other port to mitigate the visibility of these certificates to the auditing tool
Hi @Maria ,
To retrieve data from Qlik, we establish a direct connection to the engine from a trusted server, utilizing certificate authentication and a built-in user. Can we use the custom SSL mentioned in the article shared for this purpose?