We’re experiencing SSL handshake failures when connecting our Qlik Sense 2019 REST connector to an external vendor API. The connection worked fine until last week when the vendor enforced TLS 1.2 on their endpoints.
Error message we’re seeing:
SSLHandshakeException: Received fatal alert: handshake_failure
at sun.security.ssl.SSLSocketImpl.readRecord
Connection failed: SSL certificate verification failed
I’ve verified the REST connector compatibility with TLS 1.2, but I’m not sure if we need to import their certificate into Qlik’s truststore or if there’s a configuration setting I’m missing. The API requires client certificate authentication as well.
Has anyone dealt with certificate import procedures for REST connectors in Qlik 2019? Our data sync is completely blocked and this is affecting multiple dashboards pulling real-time inventory data.
Be careful with the certificate import. You need to import both the server certificate and any intermediate CA certificates into the cacerts file. The default password for the Java keystore is ‘changeit’ unless your team modified it. Make sure you’re importing into the correct Java installation that Qlik is actually using - sometimes servers have multiple Java versions installed. Yes, you’ll need to restart the Qlik Sense Repository Service at minimum after the import.
I’ve seen this exact issue before. The TLS 1.2 enforcement is likely exposing a certificate trust chain problem. First, check if your Qlik Sense server’s Java version supports TLS 1.2 properly - some older Java 8 builds had issues with this. You can verify by checking the Java security properties file.
For the client certificate authentication, you’ll need to convert your PFX to separate PEM files (certificate and private key). The REST connector in Qlik 2019 doesn’t directly accept PFX format in my experience. I’ve had better luck providing the certificate and key separately in the connector settings under the Authentication section.