Situation
When trying to upload a FPR to a SSL enabled SSC returns the following error in the pipeline job log
eg
022-07-27T19:46:52.8744990Z ##[debug]task result: Failed
2022-07-27T19:46:52.8770577Z ##[error]request to https://mysschost:8443/ssc/api/v1/tokens failed, reason: unable to verify the first certificate
Cause
The Fortify Azure plugin after version 8.6 no longer using the fortifyclient to upload results to SSC. It now uses SSC's REST API to upload the results to SSC which now requires creating a certificate file that is passed using a system environment variable called “NODE_EXTRA_CA_CERTS” on the Azure agent host machine.
This is documented in the following link
https://www.microfocus.com/documentation/fortify-azure-devops-extension/8.8/AzureDO_Ext_Help_8.8/index.htm#AzureDevOpsExt.htm?Highlight=NODE_EXTRA_CA_CERTS
Read Full Knowledge Base Article for Resolution.
Support
Documentation
Learning Services
Partner Programs
