Configuring clients

After you install the Fortify ScanCentral SAST client, you can encrypt shared secrets and configure client settings such as connection and read timeouts, proxy settings, and more.

To configure the Fortify ScanCentral SAST client:

  1. On the client machine, open the <client_install_dir>/Core/config/client.properties file in a text editor.

  2. Configure the properties described in the following table.

    Client propertyDescription
    client_auth_token

    Specifies a client authentication token string that contains no spaces or backslashes to secure the Controller for use by authorized clients only. Set the same value for the client_auth_token property that you set for the client_auth_token property on the Controller.

    If you prefer not to use plain text, you can use an encrypted shared secret as the value for this property. For instructions on how to encrypt a shared secret, see Encrypting the shared secret on a client.

    pwtool_keys_file

    Specifies the path to a file with pwtool keys. If encrypted passwords are used, this must specify a file with the pwtool keys used to encrypt the passwords. For more information, see Encrypting the shared secret on a client.

    restapi_connect_timeout

    Specifies the Controller connection timeout (in milliseconds). The default value is 10000 (or 10 seconds). You can use this, and the restapi_read_timeout property to resolve timeout errors between the Controller and the client.

    restapi_read_timeout

    Specifies the Controller read timeout (in milliseconds). The default value is 30000 (or 30 seconds). You can use this, and the restapi_connect_timeout property to resolve timeout errors between the Controller and the client.

    use_system_gradle

    If set to true, Fortify ScanCentral SAST uses the Gradle included in the PATH environment variable. By default, Fortify ScanCentral SAST uses the Gradle wrapper included in the project being analyzed.

    debricked_cli_dir

    (OpenText Core Application Security users only) Specifies a custom location for the Debricked CLI installation.

    For a description of the proxy-related properties for clients, see Configuring proxies for clients and sensors.

  3. Save and close the client.properties file.

See also

Configuring proxies for clients and sensors

Configuring the Controller

This section contains the following topics: