Skip to main content

Configuring preferred cipher suites for QlikView Server

You can rank the preferred cipher suites that Qlik License Service uses to encrypt and decrypt the signed key license.

The Qlik License Service is included in QlikView Server April 2019 and in later releases.

Information noteYou can configure QlikView Server to use either mTLS or NTLM as your authentication protocol. If you use the NTLM service however, you cannot configure preferred cipher suites.

If your Qlik License Service is set up to use certificate service authentication, then it uses Mutual TLS Authentication (mTLS). This protocol ensures that requests coming from both the server and client are trusted. The Qlik License Service listens on port 9200.

Information noteTLS 1.2 is supported since QlikView 12.0.

The following list shows the supported cipher suites:

  • TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
  • TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
  • TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA25
  • TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
  • TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305
  • TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305
  • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
  • TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
  • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
  • TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
  • TLS_RSA_WITH_AES_128_GCM_SHA256
  • TLS_RSA_WITH_AES_256_GCM_SHA384
  • TLS_RSA_WITH_AES_128_CBC_SHA
  • TLS_RSA_WITH_AES_256_CBC_SHA
  • TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
  • TLS_RSA_WITH_3DES_EDE_CBC_SHA

To configure the preferred cipher suites for the Qlik License Service, do the following: 

  1. Open the service.conf file.
    The default path is %Program Files%\QlikView\ServiceDispatcher\service.conf.
  2. Go to the following section:

    [license.parameters]
    -qv-mode=true
    -qv-auth-mode=cert
  3. Add a comma-separated list of ciphers to his section, as shown below:

    [license.parameters]
    -qv-mode=true
    -cipher-suites=TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
    -qv-auth-mode=cert
  4. Save the file and close.
  5. Restart the QlikView Server Service Dispatcher, which handles execution of the Qlik License Service.
  6. If you have a multi-node environment, repeat the steps above for each node.

Did this page help you?

If you find any issues with this page or its content – a typo, a missing step, or a technical error – let us know how we can improve!

Join the Analytics Modernization Program

Remove banner from view

Modernize without compromising your valuable QlikView apps with the Analytics Modernization Program. Click here for more information or reach out: ampquestions@qlik.com