In this post, we show you how quick and easy it is to procure and install an SSL certificate on your Qlik Sense deployment. This assumes you are starting with only the self-signed certificates, and that you want to use a certificate generated by a signing authority for use on an externally facing site.
Add a trusted certificate to the server
On a clean installation of Qlik Sense Enterprise, you’ll notice the domain fails SSL validation (see Image 1). This is because your server generated the certificate, instead of a trusted certificate authority.
Before we apply the SSL certificate in Qlik Sense, you need to make sure you add a new, trusted certificate to the server. Here’s a high-level overview of how to do so:
- First, generate a CSR (certificate signing request – this comes from IIS and details specifics of the system and requester)
- Next, purchase a certificate from a trusted authority
- Then, pass the CSR generated by your server to the authority
- Validate that you control the domain in question (through email/DNS)
- Lastly, download the certificate generated by the authority and add it to the certificate store on the machine
Now we can begin the steps to apply the new SSL certificate to your Qlik Sense Enterprise deployment.
Applying the new certificate
- Open your Management Console
Click on the Start Menu. Then click, Open Microsoft Management Console.
- Add/Remove Snap-Ins
From the Microsoft Management Console, go to File. Then, select Add/Remove Snap-in.
- Select Computer Account.
Once you have done this, select Certificates. Then, click Add > Select Computer Account > Local Computer > OK.
- Import the certificate.
On the left-hand side of the Management Console, click Expand Certificates. Next, click Expand Personal. Then, Right click on Certificates, go to All Tasks, and select Import.
- Find your *.cer or *.crt file.
Select Browse in the Certificate Import Wizard. Find your file, then click Add.
- You should now see the certificate listed under Certificates in the Microsoft Management Console.
- Obtain the thumbprint.
Next, double click the certificate. Go to Details > Find the Thumbprint field > Copy thumbprint. The copied thumbprint gets added to Qlik Sense QMC (Qlik Management Console) in a later step.
- Locate Proxies in QMC.
Next, navigate to the Home page in the QMC (Qlik Management Console) and select Proxies from the left-hand side menu.
- Single click the Central node.
Then select edit.
- Select the Security property.
On the right-hand side of the screen, you should see the Security property. Select it.
- Apply the certificate.
Lastly, paste the thumbprint in the SSL browser certificate thumbprint box. Then, hit Apply.
Congratulations! You’ve now officially applied the SSL certificate to your Qlik Sense Enterprise deployment. After applying the cert, the proxy will restart. Once the proxy restarts, you should be able to use the new certificate immediately. Note that you will likely need to end or refresh your current browser session in order to correctly validate the updated certificate. For additional reference, the official Qlik Sense guide can be found here.
Read More >> Budget for the Back-to-School Season with Qlik Sense