TLS cipher suites
A cipher suite is a set of algorithms used to encrypt network communication. Qlik NPrinting users can customize the list of cipher suites in order to remove those considered not secure by their security protocol.
Qlik NPrinting does not set a specific secure cipher suite as mandatory, in order to guarantee compatibility with different operating systems and platforms.
The new proxy configuration parameter tls.ciphersuites lets you manage a custom set of cipher suites in the Qlik NPrinting proxy.
The proxy configuration files are:
These files contain the list of customizable configuration properties, all commented by default. These files do not change when you upgrade to new versions of Qlik NPrinting. Therefore, this configuration property is not immediately visible when you upgrade from older versions. This ensures you do not lose your settings.
The Qlik NPrinting proxy supports a limited set of cipher suites. The list may change after a product upgrade in order to include new algorithms or deprecate others.
Some of the supported cipher suites are considered
"http2: TLSConfig.CipherSuites index %index% contains an
With this configuration, clients that don't support previous, approved cipher suites may be given an unapproved one and reject the connection."
Note that %index% and %ciphername% are variables that will show:
- %index%: the name of the index.
- %ciphername%: the name of the cipher suite that caused the issue.
The cipher suite TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (
Supported cipher suites:
Accessing the custom cipher suites list
Do the following:
- Stop the QlikNPrintingWebEngine service.
- To customize the Qlik NPrinting web console, open webconsoleproxy\app.conf. To customize the NewsStand, open newsstandproxy\app.conf.
- Uncomment or add tls.ciphersuites.
- Enter the comma-separated list of cipher suites to support as value from most to least preferred.
- Save the file.
- Restart the QlikNPrintingWebEngine service.
Set only the cipher suites considered secure by the RFC 7540 standard.