Installing a sensor using OpenTextSAST

The following procedure describes how to create a new sensor. For information about how to upgrade an existing sensor, see Upgrading OpenText ScanCentral SAST Sensors.

If you use Windows, you can install the sensor as a Windows service. For instructions, see Installing a Sensor as a Service.

To install a sensor, you must install the OpenText ScanCentral SAST client in addition to the OpenText SAST installation.

To install OpenText ScanCentral SAST client:

  1. Obtain OpenText ScanCentral SAST client either from:
    • OpenText ScanCentral SASTController downloaded package from Software Licenses and Downloads (SLD) portal .
    • An existing instance of the OpenText ScanCentral SASTController.
    • https://tools.fortify.com/scancentral/Fortify_ScanCentral_Client_<version>_x64.zip, where <version> is in the format <year>.<quarter>.<patch>. For example, 25.4.0.
  2. You can either install OpenText ScanCentral SAST client in the same directory as OpenText SAST or install it in some other directory and set the SAST_LOCATION environment variable:
    • Unzip the contents and copy it to the OpenText SAST installation directory (overwrite the files). Or,
    • Unzip the OpenText ScanCentral SAST client to any directory and set the SAST_LOCATION environment variable with the value of the OpenText SAST installation.

To install a sensor:

  1. Use the instructions provided in the OpenText™ Static Application Security Testing User Guide to install OpenText SAST.

  2. Install the OpenText ScanCentral SAST client (see the Install ScanCentral client procedure above).

  3. Open the <sast_install_dir>/Core/config/worker.properties file in a text editor.

    The <sast_install_dir> is only valid if the user installs the OpenText ScanCentral SAST client in the same directory as the OpenText SAST. Otherwise, this worker.properties file is under the OpenText ScanCentral SAST client installation directory.

  4. Specify a value for the worker_auth_token property.

    If you are using a plain text password, use the password set for the worker_auth_token property in the Controllerconfig.properties file.

    Alternatively, you can set the worker_auth_token using the SCANCENTRAL_VM_OPTS environment variable, like SCANCENTRAL_VM_OPTS=-Dworker_auth_token=<token>For information, see Configuring sensor properties.

    For information about how to generate an encrypted shared secret, see Encrypting the Shared Secret on a Sensor.

  5. Save and close your worker.properties file.

See also

Configuring the Controller

OpenText SAST Mobile Build Session Version Compatibility

Configuring sensor properties