Recording Proxy tab
Tools > Options > Recording proxy tab
Use this tab to configure AppScan to act as a proxy for external browsers, or for manually exploring non-SOAP web APIs using either a remote device (such as a mobile phone), or a local application (such as a simulator or emulator).
Option |
Description |
---|---|
AppScan proxy port |
|
Proxy Port |
Specifies which port AppScan uses. When using AppScan as a proxy server you need to configure the external browser or mobile device to use this port. Select whether AppScan selects an available port automatically, or lets you choose the port. Note that if the port is chosen automatically it may change between sessions, and you will therefore need to re-configure your mobile device. |
External connections |
|
External Connections |
This setting determines which connections
to external domains are accepted.
|
White List |
Connections from IPs listed here will be accepted automatically. To add new IPs to the list, click , and select an option:
|
AppScan SSL certificate If the server uses HTTPS, since AppScan has to act as a proxy in order to record the traffic between the web service and the device you use to manually explore, it will be sending SSL certificates to the device instead of the web service's certificate. When a browser receives an unrecognized certificate it typically warns the user with a pop-up, but in the case of a mobile device the request is usually just ignored. It is therefore impossible to explore the application unless the AppScan certificate is accepted on the device sending the requests. |
|
Add |
Adds the AppScan SSL certificate to the root certificates on this machine. You must do this to allow sending requests to the web service. The AppScan certificate
will be added to the root certificate, and requests from the web service to the simulator
will not be rejected. Note: After you have added the certificate, the
button changes to Remove, and can be used to remove the certificate
from the AppScan machine. |
Export |
Saves the AppScan SSL certificate that is currently installed on this machine, as
a ZIP file, so it can be added manually to the root certificates on a different device.
Note that you do not usually need to do this, as you can import the certificate directly
from the device in most cases.
Note: This option is active only if the certificate is already
added to the root certificates on this machine. Attention: The AppScan certificate that is exported must be identical to the
one installed locally. If you Remove the local certificate and then
Add again, you must also reinstall it on the device, as the new
certificate is not identical to the previous one. |
For more information, see Using an external client