License Unavailable status in SSC > Scancentral DAST scan

I have 2 VMs, one for DAST Controller components (global service, dast api, lim) and another one for DAST Sensor. I installed the DAST Sensor using the PS script screated during installation of the DAST Controller. 

After running a scan from SSC, the scan status keep showing "License Unavailable"

The Sensor log captures below:

Can someone help me if I missed out anything? 

  • 0  

    There are a couple of things to look at:

    1. Is there a license available for a scanner?
    2. Are your scanners configured for the proper LIM pool?
    3. Is your LIM in a container as well? If so, have you rebuilt the container? If yes, have you logged into the LIM and clicked the Update button?
    4. What do the WI logs mention?
  • Verified Answer

    +1 in reply to   

    Hi Ethan, thank you for your suggestions. I have fixed the errors and here are my findings:

    1. Is there a license available for a scanner? => Yes
    2. Are your scanners configured for the proper LIM pool? => Yes
    3. Is your LIM in a container as well? If so, have you rebuilt the container? If yes, have you logged into the LIM and clicked the Update button? => Yes
    4. What do the WI logs mention? => It says "Unable to activate license"

    Extra: After reading logs and checking the DAST setting I found out I did a careless mistake in the YAML setting file to setup the DAST. I put in wrong URL for the LIM API URL.

    Here I changed the URL and redeploy DAST:

    From my findings, the controller is not able to fetch the license due to the incorrect URL. So, after changing the URL to the right one, the controller is now able to fetch the license.

    Another thing I learn: It is important to note that we need to only delete the DAST component containers in docker (leave the LIM container alone). Then, proceed to redeploy the YAML setting file.

    [Edit to blur information.]

  • 0   in reply to 

    That is a common mistake and would happen in WebInspect as well.

    Yes, you are correct. The LIM container should rarely need to be deleted. This is one reason not to include it in your K8s deployment.