In a default Qlik Sense installation, self-signed certificates are generated for the following purposes:
1) Encrypt connection on the hub and QMC for clients (Proxy certificate)
2) Communicate securely between services
However, if you keep the default certificate for the Proxy certificate, the connection will appear as non-trusted on client computers.
There are 2 solutions to make the connection appear as trusted:
1) Use a certificate bought from a third-party trusted Certificate authority
Please follow the steps in How to change certificate for the Proxy
in order to add this certificate in Qlik Sense.
2) Add the self-signed certificate generated by Qlik Sense to the trusted root certificate store on the clientWarning: This action needs to be performed on each client that uses Qlik Sense. It is recommended that the Active Directory domain administrator configures a domain policy to distribute the certificate to each client.
- On the Qlik Sense certificate, copy the root.pem certificate from C:\ProgramData\Qlik\Sense\Repository\Exported Certificates\.Local Certificates
- On the client, open the mmc console and add the Certificates snap-in for the local computer
- Go to Trusted Root Certification Authorities and import root.pem
- Choose "Yes" on the warning message to verify that you want to trust this certificate.
Warning: Chrome and Internet Explorer use the default Certificate store in Windows, for Firefox you will have to install the certificate in the browser (Tools > Options > Advanced > Certificates: View Certificates)