Installation, Sign In Button, and TLS

[dciciora]

I just wanted to make anyone aware of an issue we came across when trying to install the VivePro software on a machine.

 

When the machine had TLS 1.0 DISABLED, it would not complete the installation because when you clicked the "SIGN IN" button on the installer and signed it, it would redirect the a url like this:

 

localhost:50728/?code=aorD5KLIgKzPMf20xg7fD9zxyQu1GJqoDCmGfb2rb3WIy7_KQIzRUveXXRNZTUw09Ih3nBKrAZqetWGxyTnOx_cdG0z8GuYQIWxW-27zkr43rcqLiq3xqFLZnklmwDphEE3HWYEajgOrUP9wzr3vYBcxyafrhTKld5EPM0_qtPU&api_url=https%3A%2F%2Fwww.htcsense.com%2F%24RME%24%2F%24WS%24%2FServices%2FOAuth%2FToken

 

When it redirected to that URL, it would get a "page could not be displayed" and would not proceed with installation of the software.  Once I re-enabled TLS 1.0 on the machine, it would go through that same process, but would succesfuly make the API call and proceed with the installation. I have a few packet captures of this failing, but I can't really make sense of what part of it was failing. If you have an issue with installing the software once you get to the "Sign In" button, you might want to see if TLS 1.0 is disabled or enabled.

[HackPerception]

,

 

Thanks for posting this publicly as it may help another person. 

 

We were unable to repro this on our side by disabling TLS - one of our techs may reach out to you via email to get a better understanding of the situation.  

[dciciora]

Thanks,

 

Just to clarify, the two registry keys we were changing are below:

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Client]
"Enabled"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Server]
"Enabled"=dword:00000000

 

This above is the "DISABLED" state of the registry key because the DWORD is set to 0. To re-enable TLS 1.0, we set the DWORD to 1.

 

 

Our image for the windows machines are pretty customized, so it could be a combination of these TLS changes and something else within the image, but I know 100% that flipping this enabled and disabled impacted our ability to install the software successfully.