Having problems with your account or logging in?
A lot of changes are happening in the community right now. Some may affect you. READ MORE HERE
Highlighted
Super Contributor.. ellerm Super Contributor..
Super Contributor..
3262 views

Fortify CloudScan Error

I am in the process of setting up cloudscan.  I created the controler using a secret rather than a hard coded password.  I also created a sensor using a secret for the worker as well.

Everything was working fine from what I can tell until I tried to set up SSC.  When I copied the secret from the config.properties on the controller and put it in SSC I began getting errros about not being to decode the secret.  I opened a ticket with support and they asked me to run some DB updates.  After I did that it still doesn't work but now I'm getting SSC errors all the time, looking at the ssc.log I see the below error.  Anyone run into this on SSC 16.20

[ERROR] com.fortify.manager.service.cloudscan.CloudCtrlSyncServiceImpl - Failed to retrieve updates from CloudScan controller at http:&#x2F;&#x2F;<server name>:8080&#x2F;cloud-ctrl (IllegalArgumentException - Base64 encoded data must have a length that is a multiple of 4)

 

DB Commands support had me run:

1. The cloud controller address -- I used the address from the case description, but please double check it for accuracy before applying:
UPDATE configproperty SET propertyValue = 'http://<address>:8080/cloud-ctrl' WHERE propertyName = 'cloud.ctrl.url';

2. The cloud scan shared secret -- please replace the <SECRET> placeholder below with the secret you have defined in the controller:
UPDATE configproperty SET propertyValue = '<SECRET>' WHERE propertyName = 'ssc.cloud.ctrl.secret';

3. To enable the polling:
UPDATE configproperty SET propertyValue = 'true' WHERE propertyName = 'cloud.ctrl.poll.enabled';

 

Labels (2)
Tags (3)
0 Likes
1 Reply
Super Contributor.. ellerm Super Contributor..
Super Contributor..

Re: Fortify CloudScan Error

Support solved my issue. 

When setting up cloudscan with SSC, SSC asks to input the "SSC and CloudScan controller shared secret" it wants the actual password for the controller not the secret that is created with pwtool.  When I input the secret from the config.properties file I was getting an error about not being able to decode the secret.  After initially talking to support she had me manually update the database with the secret.  This caused even more issues since when you input the password on the GUI it is base64 encoded and stored in the database.  By storing an already base64 encoded value in the DB it's creating more issues.  Hopefully this is helpfu to someone.  The documentation is pretty sketchy in my opinion.

The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.