Understanding the Launch Artifacts
The Configuration Tool CLI creates scripts for Windows and Linux containers. The dast-windows-start.zip file contains scripts for starting Windows containers. The dast-linux-start.tar.gz file contains scripts for starting Linux containers.
If you provide an --outputDirectory setting in the configureEnvironment command, then these files will be written to the directory you specify. If you do not provide an --outputDirectory setting, then these files will be written to the directory where the DAST.ConfigurationToolCLI.exe file is located.
For more information about the DAST components mentioned here, see What is ScanCentral DAST? and ScanCentral DAST with Two-factor Authentication.
The following table provides details about these files.
| File | Description |
|---|---|
|
|
Configures the sensor service. Use this file to run the Fortify ScanCentral DAST Sensor Service and a Fortify WebInspect sensor. |
|
|
If you generated a certificate for the DAST API service using the Configuration Tool CLI, this certificate file must be on the host computer where the DAST API container will be running. Note: This file is not downloaded if you use a certificate provided by a certificate authority (CA) or use an existing certificate. |
|
|
If you generated a certificate for the DAST Utility service using the Configuration Tool CLI, this certificate file must be on the host computer where the DAST Utility service container will be running. Note: This file is not downloaded if you use a certificate provided by a certificate authority (CA) or use an existing certificate. |
|
(Linux only) |
Pulls the Fortify WebInspect Linux scanner, database, WebInspect script engine (WISE), and 2FA server images from Docker Hub, and then starts the containers as a DAST sensor. |
|
(Linux only) |
Pulls the Fortify WebInspect Linux scanner image and database from Docker Hub, and then starts the containers as the DAST Utility Service. |
|
|
Pulls images and starts containers for the DAST API, DAST Global Service, and DAST Utility Service. |
|
|
Pulls the DAST API, DAST Global Service, and DAST Utility Service images from Docker Hub, and then starts the containers. |
|
|
Pulls the Fortify WebInspect Windows image or the scanner Linux image from Docker Hub, and then starts the container. |
|
|
Pulls the 2FA Server image from Docker Hub, and then starts the container. For instructions on using the PowerShell script, see Using PowerShell Scripts for the 2FA Server. For information about executing the bash script, refer to your Linux distribution documentation. |
|
|
Pulls the DAST API, DAST Global Service, and DAST Utility Service images from Docker Hub, but does not start the containers. |
|
|
Pulls the Fortify WebInspect Windows image or the scanner Linux image from Docker Hub, but does not start the container. |
|
|
Pulls the 2FA Server image from Docker Hub, but does not start the container. For instructions on using the PowerShell script, see Using PowerShell Scripts for the 2FA Server. For information about executing the bash script, refer to your Linux distribution documentation. |
|
|
Contains the shared secret that all your DAST sensors must use to authenticate with the DAST API. |
|
|
Starts the DAST API, DAST Global Service, and DAST Utility Service containers, but does not pull the images. |
|
|
Starts the Fortify WebInspect container, but does not pull the image. |
|
|
Starts the 2FA Server container, but does not pull the image. For instructions on using the PowerShell script, see Using PowerShell Scripts for the 2FA Server. For information about executing the bash script, refer to your Linux distribution documentation. |
What's Next?
You can use the launch artifacts to pull the DAST API, DAST Global Service, DAST Utility Service, and Fortify WebInspect images from Docker Hub and start the containers. You can accomplish this task in one of the following ways:
-
Using Bash Scripts (For more information, refer to your Red Hat documentation.)