Skip to main content

Configuring a proxy for Qlik License Service communication in QlikView Server

You can handle the communication between the Qlik License Service and the License Back-end with a proxy .

The Qlik License Service is included in QlikView April 2019 and later releases and is used when QlikView Server is activated using a signed key license. The Qlik License Service stores the information about the license, and communicates with a License Back-end Service, hosted by Qlik, for product activations and entitlement management. Port 443 is used for accessing the License Back-end Service and retrieving license information.

In a multi-node deployment, the Qlik License Service is installed on the machine running the QlikView Management Service (QMS). You can manage the status of the Qlik License Service by starting and stopping the Qlik Service Dispatcher, listed in the list of services running in the Windows machine.

You can configure the communication between Qlik License Service and the Qlik License Back-end to be handled by a proxy.

In QlikView Server, configuration of a proxy for the Qlik License Service is done using command line parameters. Both HTTP and HTTPS scheme are supported.

With QlikView Server June 2020 or later NTLM and basic authentication capabilities to the licenses service when communicating over a HTTP tunnel are available. This allows you to require authentication on tunneling proxies and configure a more secure environment.

Do the following:

  1. Stop the Qlik Service Dispatcher, which handles the execution of the Qlik License Service.

  2. Navigate to the service.conf file, which by default is located in:
  3. %Program Files%\QlikView\ServiceDispatcher\service.conf

  4. Locate the section [licenses.parameters], which by default contains the following lines:
  5. [licenses.parameters]
    -qv-mode=true
    -app-settings="..\Licenses\appsettings.json"

  6. Add the line -proxy-uri=http://myproxy.example.com:8888 as shown below:
  7. [licenses.parameters]
    -qv-mode=true
    -proxy-uri=http://myproxy.example.com:8888
    -app-settings="..\Licenses\appsettings.json"

    Where "http://myproxy.example.com" is the address of your company's proxy, and "8888" is the port used by the proxy.

    Information noteYou can specify an IP address rather than a domain name as the proxy URI, for example -proxy-uri=http://10.76.124.124:1337.
  8. Skip this step if Security.ps1 already exists in %ProgramFiles%\QlikView\Licenses\install-utils.

    Open a text editor and paste the following into it:

    Function Encrypt-WithMachineKey([Parameter(Mandatory = $True, ValueFromPipeline)] $input) {
        Add-Type -AssemblyName System.Security
    ​
        $bytes = [System.Text.Encoding]::Unicode.GetBytes($input)
        $secured = [Security.Cryptography.ProtectedData]::Protect($bytes, $null, [Security.Cryptography.DataProtectionScope]::LocalMachine)
        return [System.Convert]::ToBase64String($secured)
    }
    ​
    Function Decrypt-WithMachineKey([Parameter(Mandatory = $True, ValueFromPipeline)] $input) {
        Add-Type -AssemblyName System.Security
    ​
        $secured = [System.Convert]::FromBase64String($input)
        $bytes = [Security.Cryptography.ProtectedData]::Unprotect($secured, $null, [Security.Cryptography.DataProtectionScope]::LocalMachine)
        return [System.Text.Encoding]::Unicode.GetString($bytes)
    }

    Name the file Security.ps1 and save it to %ProgramFiles%\Licenses\install-utils.

  9. Skip this step if Encrypt-Password.ps1 already exists in %ProgramFiles%\QlikView\Licenses.

    Open a text editor and paste the following into it:

    Param(
        [string]$password
    )
    ​
    $ErrorActionPreference = "Stop";
    $contentLocation = $PSScriptRoot
    ​
    . $contentLocation/install-utils/Security.ps1
    ​
    if (-not $password) {
        "Usage ./Encrypt-Password -password [password]" | Write-Host
        exit 1
    }
    ​
    $password | Encrypt-WithMachineKey | Write-Host

    Name the file Encrypt-Password.ps1 and save it to %ProgramFiles%\QlikView\Licenses.

  10. Browse to %ProgramFiles%\QlikView\Licenses and run Encrypt-Password.ps1 [password for proxy access].

    Example:  

    Encrypt-Password.ps1 123456

    Copy the generated encrypted password and use it in the next step.

  11. To require authentication on tunneling proxies add the following lines to the services.conf file:

    -proxy-uri=[the uri of the proxy]
    -proxy-auth-mode=ntlm|basic|(leave empty for no authentication)
    -proxy-user=[username without domain]
    -proxy-encrypted-password=[password]
    -proxy-domain=[the domain] (only for NTLM)

  12. Save and close the services.conf file.
  13. Restart the Qlik Sense Service Dispatcher.
  14. If you have a multi-node installation, repeat these steps for all the nodes in your installation.

Did this page help you?

If you find any issues with this page or its content – a typo, a missing step, or a technical error – let us know how we can improve!

Join the Analytics Modernization Program

Remove banner from view

Modernize without compromising your valuable QlikView apps with the Analytics Modernization Program. Click here for more information or reach out: ampquestions@qlik.com