Even after disabling TLS 1.0 and 1.1 system-wide, a security scan may reveal Service Dispatcher port 4950 still using an older, non-secure version of TLS. This port belongs to the Precedents Service (used by the Insights feature). Environment:
Qlik Sense Enterprise February 2019 Release and earlier releases affected.
Qlik Sense Enterprise April 2019 Initial Release + Patch 1 affected.
Product defect in Precedents Service - Service Dispatcher (QLIK-94285).
This behaviour is resolved in Qlik Sense June 2019. See the June 2019 Release Notes
for details on QLIK-94285.
Additionally, this issue has been resolved in the following patches:
- Navigate to your Qlik Sense installation folder
- Open the following file: INSTALL_PATH\Qlik\Sense\ServiceDispatcher\services.conf
- Search for the "[precedents]" section
- Add "Disabled=true" right below the section title
- Save the file and restart the Service Dispatcher service
NOTE: Please be aware that restarting the Service Dispatcher without doing a full service restart may cause issues, exercise caution when performing this change in a Production environment.
MULTI-NODE: Note that the change will have to be applied to all nodes in an environment.