Installing the AppScan Central Platform

Installing the AppScan Central Platform is a three-part process:
  1. Download and extract ASCP installer files to a target installation directory.
  2. Preconfigure AppScan 360° settings.
  3. Install ASCP with components configured in step 2.
Note: Perform all installation and configuration activities as an Administrator on the target system.

Downloading and extracting installation files

To extract ASCP installation files:
  1. Download the ASCP installer from HCL License and Download Portal.
  2. In the folder to which the installer was downloaded, run the executable file:
    [AppScan360 installer].exe

    This creates and populates a folder named AppScan360 in the folder in which it is run.

  3. To specify a different destination folder, specify the destination on the command line: 
    [AppScan360 installer].exe -o"[c:[destination]"

Preconfiguring AppScan 360° settings

To preconfigure AppScan 360° settings:
  1. In the extraction directory, locate the install.config file and open it in a text editor.
  2. Edit the parameters in the file according to your requirements. These parameters are critical for AppScan 360° to function.
    Note: The supported certificate formats are PFX or Certificate and Key pair (PEM).
Table 1. Required parameters
Parameter Description
DB_NAME=<AppScan360_db_name> Database name. It is created at the database instance provided below.
DB_HOST=<db.domain.com> The name of the machine with MSSQL server installed.
DB_USERNAME=<db_admin_username> A database user with db-creator permissions.
DB_PASSWORD=<db_admin_password> The password for the above user.
Table 2. Optional parameters
Parameter Description
SAST_SERVICE_FQDN=<sast.domain.com> Static analysis FQDN (without scheme or path).
USE_EXTERNAL_SERVER_CERTIFICATE=<True/False> Configure this option if you want to use your own PFX format certificate for your AppScan 360° web application. If you do not, a self-signed PFX format certificate is generated during the installation process. This option affects the next four parameters.
PFX certificate
SERVER_PFX_FILE_PATH=<absolute path to PFX file> The path to your PFX certificate file.
SERVER_PFX_FILE_PASS=<password> The password for the PFX certificate file.
Note: If you configure your own PFX file, any CRT file parameters will be ignored.
PEM certificate
SERVER_CRT_FILE_PATH=<absolute path to CRT file> The path to your PEM certificate file.
SERVER_KEY_FILE_PATH=<absolute path to KEY file> The path to your PEM certificate key file.
Self-signed certificate
CUSTOM_USERSITE_FQDN=<site.company.com> If you choose not to use your own certificate, a self-signed certificate is created for you. You can specify here the DNS name of your choice. Make sure this FQDN is DNS resolvable.
LDAP
USE_LDAP=False To enable LDAP authentication, set to True.
LDAP_USERNAME= User with LDAP read permissions.
LDAP_PASSWORD= Password for the above user.
LDAP_DOMAIN= LDAP domain.
EXTERNAL_IDP_MODE=AutoOnboard Define your method for on-boarding new users:
  • AutoOnboard: Any user with access to the server can log in to AppScan 360°.
  • GroupsAccess: Any user in an authorized group (defined below) can log in to AppScan 360°.
  • ManualOnboard: Users must be invited using the Add Users button on the Access management > Users page.
LDAP_AUTHORIZED_GROUPS= When EXTERNAL_IDP_MODE is set to GroupsAccess, list the name(s) of the groups whose members will be authorized automatically.
SMTP
MAIL_SMTP_HOST= SMTP server host name.
MAIL_SMTP_PORT= SMTP server port.
MAIL_SMTP_ENABLE_SSL= Use SSL For SMTP.
MAIL_SMTP_USERNAME= SPTP server username.
MAIL_SMTP_PASSWORD= SMTP server password.
MAIL_SMTP_SITE_URL= Site URL. Used to create a link in the emails.

3. Installing AppScan Central Platform

The install process sets up websites on ports 80, 443, and 8081. To avoid conflicts, make sure that no existing site on the installation machine uses any of these ports.

Ports 80 and 443 must be open for all AppScan 360° users in your organization.

This process installs peripheral software, updates Windows Server features, creates IIS components, and configures the products based on the AppScan 360° settings you configured.

To install the AppScan Central Platform:
  1. Open Windows PowerShell as an Administrator.
  2. Navigate to the AppScan 360° installation folder and run:
    .\install.ps1 -installdb
    After a few minutes, a confirmation shows that AppScan 360° is installed and ready to use.
    Important: To run scans you must activate AppScan 360° with a license key.
    Note: During this process, a copy of install.config, named ascp.config is saved in the same folder. This will be used when upgrading, to preserve your configuration.