Skip to main content

Setting Up the Visual Studio Plugin

Notice

  • The current version of the Visual Studio plugin supports Visual Studio 2019 and Visual Studio 2022.

  • The CxSAST Visual Studio plugin within the repository is only compatible with the latest CxSAST version. Therefore, any previous version of the CxSAST Visual Studio plugin must be upgraded to the current version by uninstalling any previous version of the CxSAST Visual Studio plugin using Add/Remove Programs and Features.

To install and configure the CxSAST Visual Studio plugin:

  1. Shut down the Microsoft Visual Studio application.

  2. Navigate to https://www.checkmarx.com/plugins/ and download the CxSAST Visual Studio Plugin zip archive.

  3. Extract the zip archive to a folder of your choice.

  4. Navigate to and double-click the included .vsix file to install the Visual Studio plugin.

  5. Confirm any security warnings and run the installation wizard. Make sure to select the relevant Visual Studio version or versions.

  6. Once the installation is complete, start Visual Studio and go to Tools > Options > CxViewer > Authentication. The exact location of the Authentication section depends on the version in use. The Authentication window is displayed.

  7. Enter the URL of the CxSAST server into the Server URL field, for example, http://<server_name>.

  8. Click <Login> to authenticate. By default, the Access Control Login page appears in your browser.

Notice

In addition, the Visual Studio plugin supports authenticating via its login prompt.

To enable authentication via this login prompt:

  1. Go to the File Explorer and navigate to the CxVSPlugin.conf file, which is located under \Visual Studio 2019\Settings.

  2. Open CxVSPlugin.conf and add the following XML tag under the <LoginData> XML tag.

    <AuthenticationType>username_password</AuthenticationType>

  3. If the <AuthenticationType> tag is already present, change its value from access_control to username_password.

  4. Restart Visual Studio.

Notice

The Logout button can log in using a different user or server.

To enable TLS Or SSL server certificate Validation:

  1. Go to the File Explorer and navigate to the CxVSPlugin.conf file, which is located under \Visual Studio 2019\Settings or \Visual Studio 2022\Settings.

  2. Open CxVSPlugin.conf and add the following XML tag under the <LoginData> XML tag: <EnableTLSOrSSLServerCertificateValidation>true</EnableTLSOrSSLServerCertificateValidation>

  3. If the <EnableTLSOrSSLServerCertificateValidation> is already present, change its value to true or false.

    • If true, it will validate server-side certificate details.

    • If false, server-side certificate validation will skip.

    • By default, EnableTLSOrSSLServerCertificateValidation is true.

To disable optimizing rendering for screens with different pixel densities:

  1. In Visual Studio, select Tools from the menu. The Tools menu appears.

  2. From the Tools menu, select Options. The Options dialog appears.

  3. Select General and ensure the Optimize Rendering for Screens with different Pixel Densities checkbox is cleared, as illustrated below.

  4. Click <OK> to apply your settings. You have to restart Visual Studio for the change to take effect.

    Eclipse_27.png

Notice

Disabling this option is crucial. If it remains enabled, scan results may not appear.

To validate the version of the installed plugin:

  • Navigate to Extensions > Manage Extensions and confirm that the correct version is listed.

To remove the Visual Studio plugin:

  • If you need to remove the plugin, unbind all projects and follow the instructions to uninstall the Checkmarx plugin.