000017646 - Cannot login to the RSA NetWitness Informer UI and the error 'Unable to Validate Data' is displayed

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000017646
Applies ToRSA NetWitness NextGen
RSA NetWitness Informer
RSA NetWitness Informer 2.0
IssueCannot login to the RSA NetWitness Informer UI and the error "Unable to Validate Data" is displayed.

When navigating to the Informer web interface, the following error is produced:

Unable to validate data.

Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

Exception Details: System.Web.HttpException: Unable to validate data.

Source Error:
An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.

Stack Trace:

[HttpException (0x80004005): Unable to validate data.]
System.Web.Configuration.MachineKeySection.EncryptOrDecryptData(Boolean fEncrypt, Byte[] buf,
Byte[] modifier, Int32 start, Int32 length, IVType ivType, Boolean useValidationSymAlgo, Boolean signData) +4308283
System.Web.UI.Page.EncryptStringWithIV(String s, IVType ivType) +155
System.Web.Handlers.RuntimeScriptResourceHandler.GetScriptResourceUrlImpl(List`1 assemblyResourceLists, Boolean zip,
Boolean notifyScriptLoaded) +1815
System.Web.Handlers.RuntimeScriptResourceHandler.System.Web.Handlers.IScriptResourceHandler.GetScriptResourceUrl(List`1
assemblyResourceLists, Boolean zip, Boolean notifyScriptLoaded) +910
System.Web.Handlers.RuntimeScriptResourceHandler.System.Web.Handlers.IScriptResourceHandler.GetScriptResourceUrl(Assembly
assembly, String resourceName, CultureInfo culture, Boolean zip, Boolean notifyScriptLoaded) +193
System.Web.UI.ScriptManager.GetScriptResourceUrl(String resourceName, Assembly assembly) +128
System.Web.UI.ScriptRegistrationManager.RegisterClientScriptResource(Control control, Type type, String resourceName) +154

 

Resolution

The reason it happens is because FIPS compliance templates have been applied to the Informer appliance. ASP.NET 2.0 uses the RijndaelManaged implementation of the AES algorithm when it processes view state data. The RijndaelManaged implementation has not been certified by the National Institute of Standards and Technology (NIST) as compliant with the Federal Information Processing Standard (FIPS). Therefore, the AES algorithm is not part of the Windows Platform FIPS validated cryptographic algorithms and web pages are not served correctly.

Due to AES being uncertified, the Informer Web which uses SHA1/AES, must be adjusted to use TripleDES for this encryption/decryption of state information. Follow the below steps to fix this situation.

1. Login to the Informer appliance via Remote Desktop


2. Check to see if the FIPS Algorithm Policy is enabled, set to 1, in the registry on the Informer appliance. If it isn't contact Support for further troubleshooting.

  regedit

  HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\FipsAlgorithmPolicy

  Enabled = 1

3. Next open the web.config file in Notepad.

    C:\inetpub\wwwroot\NwReporterWeb\web.config or D:\inetpub\wwwroot\NwReporterWeb\web.config

4. Find <system.web> and add the following lines.

  <machineKey validationKey="AutoGenerate,IsolateApps" decryptionKey="AutoGenerate,IsolateApps" validation="3DES" decryption="3DES" />

5. Save the web.config file and restart IIS. Open a command prompt and type:

  iisreset


6. Open Internet Information Services Mananger.

    Start -> All Programs -> Administrative Tools -> Internet Information Services Mananger


7. Select Sites -> Informer Web Site -> NwReporterWeb and double click on Machine Key


8. Change Encryption method and Decryption method to "TripleDES", then click Apply.

9. Close IIS Manager and restart the Informer Service via the desktop icons.

10. Once the Informer Service restarts browse to the Informer web site and login as normal.

 

If you are unsure of any of the steps above or experience any issues, contact RSA Support and quote this article ID for further assistance.

Legacy Article IDa59799

Attachments

    Outcomes