Login Page not rendered latest WI versions
I would like to raise an issue on WebInpect 20.1 and 20.2.
The logon page of a Salesforce application is not being rendered properly in the TruClient browser. Therefore we’re not able to perform an authenticated scan.
Please see screenshots below.
Greatly appreciate your immediate advise as our assessment is greatly impacted.
There could be a number of reasons for this issue, but first a few questions:
- Does this happen with all https:// sites or just this one?
- Does the same happen for http:// sites?
- Are you behind a proxy? If so, are those defined?
A couple of solutions/recommendations, if these do not work please open a ticket with support for further evaluation:
- Make sure you have the required access to the Windows MachineKeys folder - link to documentation:
Modify the permissions of C:\ProgramData\Microsoft\Crypto\RSA\
On the folder properties Security tab, use the Advanced button and configure permissions to allow full control for the user for This folder, subfolders and files.
If you are behind a proxy and #1 does not work, make sure you have the following in the exclusions for the proxy in Internet Options: localhost;127.0.0.1
Thank you ebell, I just submitted a ticket as applying the possible solution did not fix the issue.
To answer these questions:
- Does this happen with all https:// sites or just this one? just this site
- Does the same happen for http:// sites? no just this site
- Are you behind a proxy? If so, are those defined? yes its defined
Thank you again. Will wait for the ticket get attended.
In the link posted for permissions on the MachineKeys folder, it mentions only providing Full Control to the "user".
Please change the permissions for the C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys folder to allow full control for everyone and see if this resolves the issue.
If the Login macro recorder (True client) is not rendering pages correctly, check to see if there are any SCHANNEL errors in the widow event log.
On Web Inspect 20.2 you may need to enable openSSL. Anytime we have a SCHANNEL errors in system event logs or something doesn't render in True Client browser; we suggest to enable openSSL to see if it will resolve the issue. OpenSSL is in technical preview for Web Inspect 220.127.116.11. This integration provides support for TLS 1.3, and provides an option for customers whose system administrators may be restricting the Microsoft SCHANNEL stack.
The setting may be enabled in the UI at Edit > Application Settings > General.
So I too am having these issues. I enabled OpenSSL in the settings and I am still having issues rendering pages. I did check the log and I do see a host of Schannel Errors.
Here is a YouTube video on the implementation of OpenSSL with WebInspect 20.2 - https://www.youtube.com/watch?v=kxjDoE-PdrU.
You should not see any Schannel errors after enabling OpenSSL in WebInspect as this bypasses Microsoft's Schannel implementation/utilization in WebInspect. You shouldn't have to restart WebInspect after making the modification, but if you had any tools open (i.e., Login Macro Recorder) then you will need to close and open those applications again.
As mentioned above, if you continue to experience an issue please open a ticket with support for further investigation.