Upgrade Fortify SSC server from 17.20 to 18.20

Dear All,

We are planning to upgrade our Fortify SSC server from current 17.20 to 19.20 however we need to upgrade first to 18.20 and then to 19.20.

We are on windows and I would like to  understand the steps regarding how we can upgrade the SSC server to 18.20. I went through the documentation wherein there are several steps like, update the SSC.war file, generate the database migration scripts, update tomcat server etc etc however I could not able to understand, from what i should start with.

Could you kindly help me with the steps one by one?

Thanks,

Nitin

 

 

  • Verified Answer

    Nitin,

    Do you have a non-production/test environment in which to perform a dry run of the upgrade? I've found this to be a very helpful means of getting familiar with the upgrade steps prior to performing it production.

    It sounds like you have the basic steps understood, here is a high level sample list of steps I have followed for this upgrade. The installation document contains all these steps and in the order in which you should perform them.

    • Backup Database and put application into Maintenance mode
    • Backup database
    • Update SSC from 17.20 to 18.20
    • Confirm FortifySSC database was backed up and create a backup of the application directory (<tomcat root>\webapps\ssc\)
    • Stop Tomcat
    • Backup existing 17.20 SSC directory <tomcat root>\webapps\ssc\
    • Delete plugin framework folder (c:\users\<user>\.fortify\plugin-framework actual location C:\Windows\System32\config\systemprofile\.fortify\ssc\
    • Remove 17.20 WAR file from Tomcat (<tomcat root>\webapps\ssc\)
    • Deploy 18.20 WAR file to Tomcat home (<tomcat root>\webapps\ssc\)
    • Restart Tomcat
    • Access Fortify SSC portal to continue configuration of 18.20 via web-based wizard
    • Obtain init.token file from C:\Windows\System32\config\systemprofile\.fortify\ssc\
    • In Fortify SSC portal, click Administrators and login using init TOKEN
    • Complete Configuration of SSC - Migrate & Seed Database
    • On the Fortify Software Security Center Setup wizard, click Next until you reach the Datasource step.
    • On the Datasource step, do the following:
      • In the Database username box, type the username for your Fortify SSC database.
      • In the Database password box, type the password for your Fortify SSC database.
      • In the JDBC URL box, type the URL for the Fortify Software Security Center database.
      • In the right panel, click Download Script
      •  
    • Run the dynamically generated ssc-migration.sql script on Fortify SSC database. (For instructions, see "About the Fortify SSC DB Tables and the Schema" on page 56.)
    • After ssc-migration.sql script has successfully completed, click NEXT in web-based migration wizard.
    • On the Database Seeding step, do the following:
    • Browse to locate and select your Process Seed Bundle (Fortify_Process_Seed_Bundle-2018_Q3.zip), and then click Seed Database.
    • Browse to locate and select the Report Seed Bundle (Fortify_Report_Seed_Bundle-2018_Q3.zip), and then click Seed Database.
    • Browse to locate and select your PCI Basic Seed Bundle (Fortify_PCI_Basic_Seed_Bundle-2018_Q3.zip), and then click Seed Database.
  • Dear Rhelsens,
    Thank you very much for the step by step detailed information regarding the SSC upgrade.
    I am creating an execution plan now from these details and will start upgrading. I will keep posted here in case of any issue or question.
  • Hi rhelsens,

    Where can i access this -->Access Fortify SSC portal to continue configuration of 18.20 via web-based wizard?

    I logged into SSC web servers of 17.20 but i couldnt able to see such wizard?

  • Hi,

    Immediately after you deploy a new WAR file, the Fortify SSC portal goes into this maintenance mode where it will be waiting to be configured. That is the only time you would see this Web UI setup wizard. To access the setup wizard and continue, you need to obtain the init.token and enter it on the screen.

    Rodney

  • At this point you will want to go ahead and access the SSC portal in your browser: http://localhost:8080/ssc

    You may need to adjust the URL based on how Tomcat is setup (SSC, port, etc.). Once you access that page, you will be prompted to enter the initialization token. After entering the initialization token you can proceed with configuring your SSC instance.

  • Hi Rodney,
    yes we have our Dev environment which i can use to play around with.
    regarding the wizard, did you mean that, once i put the new SSC.WAR file in the tomcat\webapp folder, it the URL which we are using to launch the Dev SSC server will go into the maintenace mode?
    Also, i tried to find the init.token in the current infrastructure but i couldn't find anywhere (Not even here -->C:\Windows\System32\config\systemprofile\.fortify\ssc\). Also,i cant find the token in the newly downloaded 18.20 unzipped folders. Where can i get that token in order to proceed with?
  • When upgrading, there are two steps required:

    1. Stop Tomcat
    2. Copy the new ssc.war file into the webapps directory
    3. Delete the SSC folder
    4. Start Tomcat
    5. Locate your init.token

    If you do not delete the old ssc folder you may not get a new init.token generated. The location of the fortify.home location on Windows depends on what account the Tomcat service is running as.

    fortify.home = %USERPROFILE%\.fortify

    %USERPROFILE% depends on what account the Tomcat service is running as. Not necessarily who it was installed as.

    Named Account C:\Users\<username>
    LocalSystem [Default] %WinDir%\System32\config\systemprofile
    LocalService %WinDir%\ServiceProfiles\LocalService
    NetworkService %WinDir%\ServiceProfiles\NetworkService

     

    If you want to save your configuration properties file in a directory other than the default shown, on Tomcat Server, specify a different path for the JVM system property fortify.home.
    Example: -Dfortify.home=/home/fortify

  • Thanks much ebell. I will have a look on it today and post it here if i have any issues or don't find anything ill post it here. Since the current infra is very much different from the documentation, i am finding this bit hard to relate between these two. Thanks again
  • Thanks rhelsens. I could successfully do the upgrade from 17.20 to 18.20 however on the UI i am getting an error "Indexing Error - Contact Administrator" (Tool tip reads, an Error occurred while indexing search results. Please contact administrator)

    Do you have any idea how any idea about this error?
  • Glad to hear you got it installed.

    I had this error occur to me as well during one install. Look for the setting searchIndex.location = in your app.properties file, which located on the server where you installed Fortify SSC.

    On my installation, these files are located here: C:\Windows\ServiceProfiles\LocalService\.fortify\ssc\conf\

    Enter a valid directory name (or leave it blank to disable search indexing).

    This setting indicates a directory to use to store indexed search results