Configuring IAST Communication Service in AppScan Enterprise Server

The IAST Communication service is automatically configured while running the Configuration Wizard.

About this task

This section helps you configure the IAST Communication Service in the AppScan Enterprise server if you need to re-configure the IAST Communication service without running the Configuration Wizard.

Procedure

  1. Login to the system where you have installed the AppScan Enterprise server.
  2. If the IAST Communication service is already running, stop the service HCL AppScan Enterprise IAST Communication Service from the windows services.
  3. Go to the C:\Program Files (x86)\HCL\AppScan Enterprise\IASTService\config.
    Note: The AppScan Enterprise installation folder location may vary depending on your system configuration.
  4. Open the iast_service.properties file that is available in the folder.
  5. In the iast_service.properties file, find each of the configuration property line and change the configuration details as explained in the following table:
    PropertyConfiguration changes
    jdbc:sqlserver://localhost:1433 Replace localhost with the host details of the SQL server to be used for AppScan Enterprise.
    databaseName=<db_name> Replace <db_name> with the database name to which you have configured the AppScan Enterprise.
    server.ssl.key-store=iast.jks

    Specifies the IAST certificate. The IAST certificate, iast.jks, is available in the IASTService folder.

    Depending on the certificate you are using you can configure the property as follows:
    • If you are using self-signed certificate, retain the default configuration available in this property.
    • If you are using CA certificate, then you must configure the certificate location for this property.
    • If you are using your own Keystore for IAST then you must import it to AppScan Enterprise for the communication to be successful between the two services. For more information, see Importing IAST Keystore into AppScan Enterprise.

    service.ase.url Specify the AppScan Enterprise Liberty URL.

    The following is an URL syntax example representing structure of AppScan Enterprise URL with the components it contains:

    https://<hostname>:<port number of AppScan Enterprise>>/<AppScan Enterprise instance name>

    Where,
    • Hostname: IP address of the server where AppScan Enterprise server is installed.
    • Port number of AppScan Enterprise: The port number to which the AppScan Enterprise server application is configured in the Liberty server. The 9443 is set as a default port number for AppScan Enterprise server application during installation.
    • AppScan Enterprise instance name: AppScan Enterprise server instance.
  6. Save the iast_service.properties file.
  7. Restart the AppScan Enterprise server.
  8. After the server restarts, you must start the IAST service as follows:
    1. Start the service HCL AppScan Enterprise IAST Communication Service from the windows services
      .
      Tip: You can also run startup.bat command that is available at C:\Program Files (x86)\HCL\AppScan Enterprise\IASTService.
    For information about Known Issues and Workarounds, see Known Issues and Workarounds.

Results

The IAST Communication Service successfully starts.

What to do next

You can download and deploy IAST agent on a web server where the tested application is installed.