Fortify SSC HA and Tomcat Compatibility


We are currently evaluating if there’s a way to implement high availability in Fortify SSC. We saw in the forum that the in the version 17.10 its not supported and we would like to know if in the 20.02 version this feature is possible to implement.

Is it possible to implement high availability throw the tomcat in a similar way as the image bellow?

Best Regards

  • Hi, this question should be posted in the Fortify discussion forum - I will move it for you


    Raquel Winkler
    Micro Focus Community Manager
    If you found this post useful, give it a “Like” or use “Verify as Answer”.

  • At this time, the Fortify SSC Server does not support HA (High Availability) in terms of its application server (Tomcat).  I believe the hidden, multi-release re-architecting being done will lead to this, but our Product Managers have not specified a timeline for this.

    An alternative you might consider is to utilize the Docker image for SSC Server, coupled with a HA implementation of your SSC database server.  The Docker image "ssc-webapp" can be tossed and replaced with each release, while all the true data is retained in the SSC database.  Since SSC connects to its database as a "dumb client" (it merely uses the connection details provided), so SSC is unaware of the presence of High Availability or even encryption at the database level.  So long as you keep frequent back-ups of the database, you can recover from disaster rather quickly with this Docker method.