AppScan Enterprise Server SSL certificates

When the AppScan® Enterprise Server is installed, it should be configured to use a valid SSL certificate. If this is not done, you will receive an untrusted connection message when logging in to the server from AppScan Source for Analysis, the AppScan Source command line interface (CLI), or AppScan Source for Development on Windows™ and Linux™.

SSL certificate storage location

Certificates that have been permanently accepted are stored in <data_dir>\config\cacertspersonal and <data_dir>\config\cacertspersonal.pem (where <data_dir> is the location of your AppScan Source program data, as described in Installation and user data file locations). Remove these two files if you no longer want the certificates permanently stored.

AppScan Source for Automation and SSL certificate validation

By default, certificates are automatically accepted when using AppScan Source for Automation. This behavior is determined by the ounceautod_accept_ssl setting in the Automation Server configuration file, <data_dir>\config\ounceautod.ozsettings (where <data_dir> is the location of your AppScan Source program data, as described in Installation and user data file locations). If this setting is edited so that value="true" is changed to value="false", SSL validation will be attempted, and logging in or publishing to AppScan Enterprise Console will fail with an error if an invalid certificate is encountered.
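The following audit script is an added example, not code from the product or its documentation. It reports whether the Automation Server still auto-accepts certificates and whether permanently accepted certificates are stored under <data_dir>\config. The setting name, file names and value="..." attribute come from this page; the assumption that the setting is a single XML-style element, and the function names, are hypothetical.

```python
import re
import sys
from pathlib import Path

# Names taken from the page; <data_dir> is supplied by the caller.
SETTING = "ounceautod_accept_ssl"
SETTINGS_FILE = "ounceautod.ozsettings"
ACCEPTED_STORES = ("cacertspersonal", "cacertspersonal.pem")


def read_accept_ssl(text):
    """Return the setting's value string, or None if it cannot be found."""
    # Assumption: the setting is one XML-style element that carries the
    # setting name and a value="..." attribute, in any order.
    for tag in re.finditer(r"<[^<>]*\b%s\b[^<>]*>" % re.escape(SETTING), text):
        # \b stops a hypothetical default_value="..." attribute matching.
        val = re.search(r'\bvalue\s*=\s*"([^"]*)"', tag.group(0))
        if val:
            return val.group(1).strip().lower()
    return None


def audit_ssl_trust(data_dir):
    """Return findings about certificate trust under <data_dir>/config."""
    config = Path(data_dir) / "config"
    findings = []
    settings = config / SETTINGS_FILE
    if settings.is_file():
        value = read_accept_ssl(settings.read_text(errors="replace"))
        if value is None:
            findings.append(f"{SETTING}: not found, validation state unknown")
        elif value == "true":
            findings.append(f"{SETTING}=true: certificates auto-accepted")
    # Permanently accepted certificates are trusted on later logins.
    for name in ACCEPTED_STORES:
        if (config / name).is_file():
            findings.append(f"{name}: permanently accepted certificates stored")
    return findings


if __name__ == "__main__":
    # Pass the AppScan Source program data directory as the only argument.
    for finding in audit_ssl_trust(sys.argv[1] if len(sys.argv) > 1 else "."):
        print(finding)
```

An empty result means the setting reads value="false" and neither certificate store file is present.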

AppScan Source command line interface (CLI) and SSL certificate validation

By default, when using the CLI login command, SSL validation will be attempted and logging in or publishing to AppScan Enterprise Console will fail with an error if an invalid certificate is encountered (if you have not already permanently accepted the certificate while logging in via another AppScan Source client product). This behavior can be modified by using the optional -acceptssl parameter when issuing the login command. When this parameter is used, SSL certificates are automatically accepted.