Qlik Sense SSL Certificate for Deployment
Business Analytics Specialist
John Daniel Associates, Inc.
In this post we’re going to look at how quick and easy it is to procure and install an SSL certificate on your Qlik Sense deployment. This assumes you are starting with only the self-signed certificates, and that you want to use a certificate generated by a signing authority for use on an externally facing site.
On a clean installation of Qlik Sense Enterprise, you’ll notice that the domain fails SSL validation. This is because the certificate has been generated by your server, and not by a trusted certificate authority.
Before we apply the SSL certificate in Qlik Sense, you need to make sure you add a new, trusted certificate to the server. Here’s a high-level overview of how to do so:
1) Generate a CSR (certificate signing request – this comes from IIS and details specifics of the system and requester)
2) Purchase a certificate from a trusted authority
3) Pass the CSR generated by your server to the authority
4) Validate that you control the domain in question (through email or DNS)
5) Download the certificate generated by the authority and add it to the certificate store on the machine
Now we can begin the steps to apply the new SSL certificate to your Qlik Sense Enterprise deployment:
- Click on the Start Menu > Open Microsoft Management Console
- From the Microsoft Management Console, go to File > Select Add/Remove Snap-in > Select Certificates > Add > Select Computer Account > Local Computer > Ok
- From left hand side in the Microsoft Management Console > Expand Certificates> Expand Personal > Right click on Certificates > Go to All Tasks > Select Import
- Select Browse in the Certificate Import Wizard > Find your *.cer or *.crt file > Click Add
- You should now see the certificate listed under Certificates in the Microsoft Management Console
- Double click the certificate > Go to Details> Find the Thumbprint field > Copy thumbprint. The copied thumbprint gets added to Qlik Sense QMC (Qlik Management Console) in a later step.
- Navigate to the Home page in the QMC (Qlik Management Console) > select Proxies from the left-hand side menu
- Single click the Central node > Select Edit
- Select the Security property from the right-hand side
- Paste the thumbprint in the SSL browser certificate thumbprint box > Hit Apply
You’ve now officially applied the SSL certificate to your Qlik Sense Enterprise deployment. The proxy will restart and you should be able to use the new certificate immediately. Note that you will likely need to end or refresh your current browser session to correctly validate the updated certificate.
For additional reference, the official Qlik Sense guide can be found here.