Skip to main content

Installing the IAST Management Server under Linux

This section describes the process of installing IAST for Linux using the command line interface (CLI).

  1. In the CLI, copy the installation file by entering CXIAST.sh

  2. Make the file executable by giving it permission, for example: sudo chmod +x CXIAST_3.3, and press <Enter>; you are prompted to confirm that you want to install Checkmarx IAST. Press <o,Enter> to continue, and the user agreement is displayed.

  3. Scroll and read to the end of the agreement and press <1> to accept the agreement, and you will be asked where to install Checkmarx IAST.

  4. A default location is provided. You may press <Enter> to accept the default location, or enter a different location, and press <Enter> to continue.

  5. Once a location has been selected, you will be prompted to select which components you would like to install:

    X: IAST Server – for installing the main server.

    2: Demo Server – for demos, POCs, testing, etc.

    Press <Enter> and add a comma-separated list of the selected values or press <Enter> for the default selection, and you are prompted to the port configuration.

  6. The port configuration offers default options for the Server and Authentication HTTPS ports (as well Demo Environment HTTPS port of Demo Server). You may select the default ports by pressing <Enter>, or enter you own ports and then pressing <Enter>, where you will be prompted to DB Configuration.

  7. As above, the DB Configuration Server offers a default option, which you may select by pressing <Enter>, or enter your desired choice and then press <Enter> to proceed to port selection.

  8. Once you have selected a DB Configuration Server, you are prompted to choose a port. To select the default port, press <y, Enter>, which is MS SQL Server default port – 1433. If you wish to use a different port enter <n> and you are prompted to enter a port of your choice.

  9. Once a port has been selected, you asked if you want to encrypt the connection. The default option is ‘no’ <n, Enter>, which will take you to the next step.

    If you select <y>, you will be asked “Trust server certificate?

  10. Select Yes <y, Enter> or No <n> to continue. The instance is displayed.

  11. Press <Enter> to use the default instance that appears or select your own instance name and press enter to continue to authentication.

  12. {SQL Server Authentication} is the only option for authentication. Press <Enter> to continue to select a username.

  13. A default user name is provided. Press <Enter> to use the default name that appears or select your own instance name and press enter to continue enter the DB password.

  14. Type the DBdesired password and press <Enter> to continue to the configuration of the SSL.

  15. The configuration of the SSL is optional. To skip this step and complete instalation, select <n, Enter>, and the system begins extracting files

    If you select Yes <y> you will be prompted to enter a fully qualified domain name, SSL Port, JKS File, JKS Password, PFX File, PFX Password, and CER File. Once you have selected these, the system begins extracting files.

Once all files are extracted and the installation is complete, an empty command line appears.

Checking the IAST Services using systemctl

IAST services can be checked using systemctl, which is a CLI tool available in most Linux distributions.

The following operations can be performed on the IAST services using systemctl:

  • stop

  • start

  • restart

  • enable

  • disable

  • status

Examples

To check if the CxAccessControl service is running and enabled, use the following command:

sudo systemctl status CxAccessControl

To start the IAST Manager service, use the following command:

sudo systemctl start CxIastManager

To check the status of several IAST services, use the following command:

sudo systemctl --type=service | grep -iE '^Cx'