Requirements for using the Fortify Analysis Plugin
Make sure you meet the following requirements, which depend on how you analyze your code and if you will upload your analysis results to Fortify Software Security Center.
To scan your code, you must have either:
A locally installed and licensed OpenText SAST with Fortify Security Content
For installation instructions, see the OpenText™ Static Application Security Testing User Guide .
A local ScanCentral SAST client and a properly configured ScanCentral SAST installation
You can install ScanCentral SAST client, as a component with the OpenText™ Application Security Tools installation or from a ScanCentral SAST ZIP archive.
The ScanCentral SAST client is no longer included in the OpenText SAST installer. The ScanCentral Client needs to be installed separately in order to run SAST as a ScanCentral SAST Sensor.
To upload the analysis results to Fortify Software Security Center, you need the following:
The Fortify Software Security Center URL
A user account with permission to upload to application versions
If Fortify Software Security Center uses an SSL connection from an internal certificate authority or a self-signed certificate, you must import the certificate into the Java Runtime Environment (JRE) certificate store. See the IntelliJ IDEA or Android Studio documentation for more information. The following is an example of the certificate storage location:
<IDE_install_dir>/jbr/lib/security/cacerts.
See Also