WebInspect 10 and expired certs

New Member.

WebInspect 10 and expired certs

Does WebInspect not connect to web servers that have expired certs?  I can access via browsers after clicking through the expired cert warning, but WebInspect will not.


In the profiler, it says "An error has occurred during the profiling of the targeted server.  Server profiler failed to connect to the target host."


If I click "next" then "Scan" the Scan Log reports "Connectivity Issue, Reason:FirstRequestFailed, Server xxx.com, Error:(10054)Unable to read data from the transport connection:  An existing connection was forcibly closed by the remote host.

New Member.

Re: WebInspect 10 and expired certs

Also, if I run WebInspect through Burp, it works like a champ since Burp's cert hasn't expired.

Acclaimed Contributor.

Re: WebInspect 10 and no connectivity on first request

Unlike a user's browser interface, WebInspect does not stop for anything like simple errors, expired certs, or insecure/secure content.  It just goes.


Since this is a connectivity error, have you checked the Proxy settings for your scan settings?  The default setting are to steal the proxy configuration from IE, but one detail it cannot take is any entered user credentials.  You may need to change WebInspect's Proxy to "Explicitly Configured" and fill out the necessary proxy details and credentials there.  I find that if I can get Firefox configured for the upstream network proxy, then those settings will work fine once transferred to WebInspect.  Be aware that WebInspect has two Proxy settings areas, one for Scan Settings and one for Application Settings (for updates and such).


One area that expired or self-signed certificates might give WebInspect trouble is when they are part of the recorded sessions in the Login Macro you may have recorded.  I generally will mark those sessions as Optional so they do not foil the macro playback, just in case they do not reappear.

-- Habeas Data
Micro Focus Fortify Customers-Only Forums – https://community.saas.hpe.com/t5/Fortify/ct-p/fortify