Installing OpenText SAST

To install OpenText SAST:

Run the installer file for your operating system to start the OpenText SAST Setup wizard:
- Windows: OpenText_SAST_Fortify_windows-x64_<version>.exe
- Linux: OpenText_SAST_Fortify_linux-x64_<version>.run or OpenText_SAST_Fortify_linux-arm64_<version>.run
- macOS: OpenText_SAST_Fortify_osx-x64_<version>.app.zip or OpenText_SAST_Fortify_osx-arm64.app.zip
  
  Uncompress the ZIP file before you run the APP installer file.
- AIX: OpenText_SAST_Fortify_aix-ppc64_<version>.run
where <version> is the software release version, and then click Next.
Review and accept the license agreement, and then click Next.
(Optional) Select components to install, and then click Next.
If the installer detects that the system does not include the minimum software required to analyze some types of projects, a System Requirements page displays any missing requirements and which projects require them. Click Next.

See Software requirements for all software requirements.
Choose where to install OpenText SAST, and then click Next.

If you selected to include Fortify ScanCentral SAST client with the installation in step 3, then you must specify a location that does not include spaces in the path.

Do not install OpenText SAST in the same directory where OpenText™ Application Security Tools is installed.
Specify the path to the fortify.license file, and then click Next.
(Optional) On the LIM License page, select Yes to manage your concurrent licenses with Fortify License and Infrastructure Manager (LIM), and then click Next.

When OpenText SAST performs a task that requires a license, the application will attempt to acquire a LIM lease from the license pool. If OpenText SAST fails to acquire a license due to a communication issue with the LIM server, it will use the Fortify license file. To change this behavior, use the com.fortify.sca.lim.WaitForInitialLicense in the fortify-sca.properties file (see LIM license properties).
1. Type the LIM API URL, the license pool name, and the license pool password.
2. Click Next.
  
  The LIM Proxy Settings page opens.
3. If connection to the LIM server requires a proxy server, type the proxy host (hostname or IP address of your proxy server) and optionally a port number.
4. Click Next.
To update the security content for your installation:

For deployment environments that do not have access to the internet during installation, you can update the security content using the fortifyupdate command-line tool. See Manually installing Fortify security content.
1. Type the web address of the update server.
  
  To use the Fortify Rulepack update server for security content updates, keep the web address https://update.fortify.com. You can also use Fortify Software Security Center as the update server.
2. (Optional) If connection to the update server requires a proxy server, type the proxy host and port number.
3. If you want to update the security content manually, clear the Update security content after installation check box.
4. Click Next.
Specify if you want to migrate from a previous installation on your system.

Migrating from a previous installation preserves OpenText SAST artifact files. For more information, see About upgrading OpenText SAST.

You can also migrate artifacts using the scapostinstall command-line tool. For information on how to use the post-install tool to migrate from a previous installation, see Migrating properties files.

To migrate artifacts from a previous installation:
1. On the OpenText SAST (Fortify) Migration page, select Yes, and then click Next.
2. Specify the location of the existing installation on your system, and then click Next.
To skip migration of artifacts from a previous release, leave the migration selection set to No, and then click Next.
Click Next on the Ready to Install page to install OpenText SAST, any selected components, and Fortify security content.

If you selected to update security content, the Security Content Update Result window displays the security content update results.
Click Finish to close the Setup wizard.