Skip to main content

Adding a CxEngine Server

This section explains how to install a CxEngine Server on a separate station. This can be as part of a distributed installation or simply to add an additional CxEngine server to an existing installation later on.

Workflow

If you add a CxEngine to an existing CxSAST system, pre-requisites are already in place. If you install CxEngine as part of a new distributed installation, you must install the components in the order outlined below. A distributed architecture refers to a scenario where the server components are 'distributed' over multiple dedicated servers and not installed all on the same server as explained here.

  1. Installing CxManager. CxManager manages and integrates system components and contributes the JSON file with the engine settings that you need at a later stage.

  2. Installing and Configuring ActiveMQ. The ActiveMQ manages the messaging queues and contributes the Message Queue parameters that are going to be loaded together with the engine configuration.

  3. Installing and Configuring the Web Portal. Must be installed before installing CxEngine as part of installing CxEngine is logging on to and registering the new engine via the web portal.

  4. Installing CxEngine. The CxEngine performs the code scans.

Notice

When installing in Silent Mode, you have to use the Silent Reconfigure option to complete the installation. For further information, refer to Silent Installation.

When you install the CxEngine Server, you import the engine configuration settings stored in a JSON file that you retrieve from CxManager.

Notice

If CxManager and ActiveMQ are not available to the CxEngine installation, the installation cannot complete.

Installing the CxEngine Server

If you see that your scan load requires an additional CxEngine server, you can add one as follows:

  • Prepare the environmentfor the new CxEngine.

  • Verify that the pre-requisites are in place and start the CxSAST installation. Once the Installation Options window is displayed, click Select to define the CxEngine installation location.

To start installing the CxEngine:

  1. Select Install Engine only.

    6436169437.png
  2. Click <Next> to continue. The Prerequisites Check window is displayed, showing the status of the required components to install the CxEngine server.

    6436169428.png
  3. For any prerequisite component not installed, click <Prerequisites Folder> to browse for and install each missing prerequisite component.

    Note: In addition to version 2010, the CxEngine Server requires C++ Redist Version 2015.

  4. After the missing prerequisite component(s) have been installed, click <Recheck Prerequisites> to confirm the updated prerequisite status.

  5. When all prerequisite components are installed, click <Next> to display the Engine Configuration window.

    6436169422.png

To set up the CxEngine:

  1. Enter the service endpoint URL in the Engine Service Endpoint field, which reads something like http://<engine name>.<location.domain>:<port number>, for example http://engine1.checkmarx.com:8088.

    Note:

    o Errors in the URL such as an illegal port result in an error indication

    6436169425.png

    and you cannot continue the process until the error is corrected.

    o The CxEngine Server uses port 8088 by default. You can also use a different port, although it is not recommended.

    o All the CxEngine Server settings can be viewed and edited in the Windows Properties once the engine is configured and running.

  2. To open the required port in the Windows firewall, check Add this Port to Firewall Inbound Rule.

  3. To enable encryption via TLS, check Enable TLS.

  4. On the host with CxManager installed, open the file explorer and navigate to the installation folder, for example C:\Program Files and from there to ..\Checkmarx\Tools\Engine Configuration Exporter.

  5. Run EngineConfigExporter.bat. Two new folders are created, Logs and Output. The engine configuration file engineConfiguration.json is generated in the Output folder.

  6. Go to the Output folder and copy engineConfiguration.json to a location of your choice on the CxEngine station.

  7. To invoke the engine parameters, click <Import Engine Configuration>. The file explorer opens.

    6436169419.png
  8. Navigate to the file location engineConfiguration.json file's location and click <Open>. The Engine configuration is imported and displayed in the relevant fields of the Engine Configuration dialog box.

    Note:

    o The imported parameters cannot be entered or edited manually in the Engine Configuration dialog box.

    o The engine configuration is available for editing as Windows Environment Variables. For additional information, refer to the relevant page.

    6436169416.png
  9. Click <Next>. The Setup Summary window is displayed.

    6436169446.png
  10. Check the setup summary according to your selection.

  11. Click <INSTALL> to continue, The Installation in Progress window is displayed and the installation proceeds, which may take a few minutes.

    o To return to the previous window, click <BACK>.

    o To exit, click <X>.

    6436169449.png
  12. Once successfully installed, theInstallation Completed Successfully window is displayed.

    6436169452.png
  13. Click <CLOSE> to complete the installation.

  14. Log into the CxSAST web interface.

  15. Go to Settings > Application Settings > Engine Management. The Engine Management window is displayed.

    6436169410.png
  16. Click <Register Engine Server>. The Register Engine Server window is displayed.

  17. Assign a Server Name to the engine, and provide the Server URL to enable CxManager to communicate with CxEngine. The URL is something like http://<server>:<port> (where <server> is the CxEngine host's IP address or a resolvable name), for example http://engine1:8088.

  18. Click <Update>.

  19. Restart the CxScansManager service so that the new engines can be placed into the rotation.