Proxy Port |
Specifies which port ADAC uses. When using ADAC as a proxy server
you need to configure the external browser or mobile device to use
this port. Use the check box to select whether ADAC selects an
available port automatically, or lets you choose the port. Note that if the port is chosen
automatically it may change between sessions, and you will therefore need to re-configure
your mobile device. |
External Connections |
This setting determines which connections
to external domains are accepted.
- Reject all
- (Default) Connection attempts from all external IPs will be rejected.
Use this setting only if you will be exploring using an application
on the same machine as AppScan.
- Accept white list only
- Connections from external IPs that appear on the white list will
be accepted; all others will be rejected.
- Accept white list and prompt for others
- Connections from external IPs that appear on the white list will
be accepted automatically; for all others the ADAC user will be prompted,
with the option of adding the new IP to the white list. Note that
prompts are seen only if the External Traffic Recorder is open.
|
White List |
Connections from IPs listed here will be
accepted automatically. To add new IPs to the list, click  , and select an option:
- To add a single IP to the list, type in the IP and optionally
a description.
Tip: If you will be using a remote device
but are not sure of its IP address, or if it changes frequently, select White List and prompt for others. The first time the
device connects with a new IP, a pop-up appears giving you the option
to add it to the white list.
- To add a range of IP addresses, add an IPv4 address and
subnet mask, or an IPv6 address and subnet prefix length, and optionally
a description.
|
AppScan SSL Certificate |
If the server uses HTTPS, since ADAC has to act as a
proxy in order to record the traffic between the web service and the device you use to
manually explore, it will be sending SSL certificates to the device instead of the web
service's certificate. When a browser receives an unrecognized certificate it typically
warns the user with a pop-up, but in the case of a mobile device the request is usually
just ignored. It is therefore impossible to explore the application unless the AppScan
certificate is accepted on the device sending the requests.
- Add
- Adds the AppScan SSL certificate to the root certificates on this machine.
- You must do this to allow sending requests to the web service. The AppScan
certificate will be added to the root certificate, and requests from the web service to
the simulator will not be rejected.
Note: After you have added the certificate, the
button changes to Remove, and can be used to remove the
certificate from the AppScan machine.
- Export
- Saves the AppScan SSL certificate that is currently installed on this machine,
as a ZIP file, so it can be added manually to the root certificates on a different
device. Note that you do not usually need to do this, as you can import the certificate
directly from the device in most cases.
- In ADAC, click Manual Explore > > Using External Device
The External Traffic Recorder opens
with status "Waiting for incoming connections". Important: Leave it open
for the next sub-steps.
- On the mobile device, browse to
http://appscan
- In AppScan, if you are prompted to allow an incoming connection from your device,
click OK.
When the device connects successfully to AppScan as
its proxy, a message (on the device) confirms the connection, IP and port. If the
certificate is installed on the AppScan machine, it also provides a button to install
it on the device. Note: If the button is grayed out, the certificate is not installed
on the AppScan machine. Note: The device's domain and request will appear in
the External Traffic Recorder lists.
- On the mobile device, tap Install AppScan SSL
Certificate
The certificate is installed. Note: If the device is unable
to access the application you are testing after this procedure, you need to install
the certificate (onto the remote device or application) manually:
- In ADAC, open Options > Recording Proxy
- Click Export and save the certificate as a ZIP
file.
- Install the certificate as a root certificate on the device or
application.
- When finished, click Cancel on the External Traffic
Recorder, to close it.
Note: This option is active only if the certificate is already added to the root
certificates on this machine. Attention: The AppScan
certificate that is exported must be identical to the one installed locally. If you
Remove the local certificate and then
Add again, you must also reinstall it on the device, as the new
certificate is not identical to the previous one.
|