Learner_7 Respected Contributor.
Respected Contributor.
5068 views

WebInspect 16.20 - SSL Error issue

Hi All 

I am using HP webInspect 16.20 for scanning an application in a Client's environment. 

After initiating the scan, I am getting facing the below error in the profiling page- 

"SSL Configuration failed when trying to connect to target host." 

ON clicking next and subsequently starting the scan, 

Please note- since its a client's environment, we have to set up the network proxy too(which we have done). Still, I am unable to start the scan successfully. 

Please help how to mitigate this error. 

Thanks in advance! 

Labels (1)
Tags (1)
0 Likes
1 Reply
Micro Focus Expert
Micro Focus Expert

Re: WebInspect 16.20 - SSL Error issue

Are you supposed to route SSL traffic to one network proxy, but HTTP traffic to a different network proxy?  You will need to investigate their proxy connection details further.  Does it require authentication, such as NTLM?  Just because "it works in MSIE" does not mean NTLM auth is not being used, as some proxies (Microsoft ISA, et al) will automatically steal the current Windows OS user's credentials to authenticate through the proxy.  😞

I never trust MSIE in these cases, as Group Policies can get involved.  Instead, I use Firefox, as any proxy configuration I can identify for Firefox will work in WebInspect.  If you are not permitted to install an alternative browser, we have one for you!  Make a copy of C:\Program Files\HP\HP WebInspect\browser\ and move it elsewhere such as C:\Program Files\HP\browser\, then launch browser.exe from within that copied folder.

Furthermore, insert a running copy of the included Web Proxy, or even BURP,  and configure WebInspect to use Web Proxy as its scan proxy, and configure Web Proxy with the network proxy as its up-stream proxy.  This configuration will expose the traffic and errors that are occurring.  If this does not help, see what Ethereal (or Wireshark) exposes when you attempt the SSL connection.


-- Habeas Data
Micro Focus Fortify Customers-Only Forums – https://community.softwaregrp.com/t5/Fortify/ct-p/fortify
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.