Welcome to HP ASC Portal Sign in | Join
in Search
Home Blogs Forums Photos Downloads
HP ASC Portal » HP Application Security Center » ASC Knowledge Base » FIPS-compliant algorithms for encryption security prevents WebInspect from launching

FIPS-compliant algorithms for encryption security prevents WebInspect from launching

Last post 02-13-2008, 7:11 PM by chardmon. 0 replies.
Sort Posts: Previous Next

  •  02-13-2008, 7:11 PM 74109

    FIPS-compliant algorithms for encryption security prevents WebInspect from launching

    TITLE:
    FIPS-compliant algorithms for encryption security prevents WebInspect from launching


    ISSUE:
    You install WebInspect™ and reboot your computer. You try to start WebInspect and it will not start regardless of configuration changes attempted. You turn off any local firewall and/or other security tools you have running, but still WebInspect will not start.

    You do not get any pop-up errors but you may find the following exception error in the Windows Event Log. You may also see this error if you try to start some of the WebInspect tools from the Windows Start menu.

    Service cannot be started. System.TypeInitializationException: The type initializer for 'SPI.Configuration.Amp.RegUtils' threw an exception. --->
    System.InvalidOperationException: This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms.
    at System.Security.Cryptography.RC2CryptoServiceProvider..ctor()
    at SPI.Security.Cryptography.Crypto.a(String A_0)
    at SPI.Security.Cryptography.Crypto..ctor(String cryptoKey)
    at SPI.Security.Cryptography.SettingsCrypto..ctor()
    at SPI.Configuration.Amp.RegUtils..cctor()
    --- End of inner exception stack trace ---
    at SPI.Configuration.Amp.RegUtils.GetRegistryString(RegistryKey


    CAUSE:
    Your Windows environment may be configured to use FIPS encryption that is conflicting with WebInspect.


    SOLUTION:
    You need to disable the "Local Security Setting System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing" policy in Windows.

    1. Go to Start > Control Panel > Administrative tools > Local Security Policy. The Group Policy dialog appears.
    2. Under the "Local Policies" heading, select "Security Options" and look for the entry, "System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing."
    3. If entry this is enabled then disable it.


    APPLIES TO:
    WebInspect 7.x


    MORE INFORMATION:
    See the following solutions for related information.
    Solution 1111 "Smart Update error 'Could not establish secure channel for SSL/TLS'"
    Solution 1989 "WebInspect fails to open with .NET 2.0 exception and Event ID 5000"
View as RSS news feed in XML