Securing connections to endpoints
Qlik Replicate communicates with the source and target endpoints (typically databases) using either the vendor provided client package or via a standard ODBC driver.
Qlik does not implement the network protocol (see important exceptions below) and for this reason, Qlik Replicate generally relies on the vendor of the source or target endpoint to offer encryption. When setting up endpoint connections, the user is able to specify any connection properties required for the use of encryption; these properties are, invariably, vendor-specific properties. In some cases, use of encryption requires system-level settings (such as adding a certificate to the machine trust store) which are outside of the scope of Qlik Replicate. Users are referred to the operation manual of the source or target endpoint for details on how to set up encrypted client communication with the server.
One exception to the previous paragraph is for endpoints based on the Qlik Connect product (endpoints on zOS and iSeries). In this case, the network encryption is implemented by the Qlik Connect product and is based on the AES encryption algorithm with a 256-bit key.
Another exception is for endpoints that work over HTTP. In these cases, the user is advised to ensure that the endpoint server is configured to offer HTTPS and then use the appropriate https:// based URL when setting up the connection.