Changing Protocols, the Hostname and Ports for Checkmarx Components (v9.0.0 and up)

Background

A number of additional components (Access Control, CxSAST, Management & Orchestration, and ActiveMQ) have been introduced in the latest versions of CxSAST. The endpoints for these components are saved in the database (CxDB) as {Protocol}://{FQDN}:{Port}, for example http://mqserver.company.com:5555. The Fully Qualified Domain Name (FQDN) is the complete domain name for the host and consists of the hostname and the domain name.

For clean installations (v9.0.0 and up), component endpoints are saved as HTTP by default. Upgrades (to v9.0.0) keep previous component endpoint values.

Use Cases

This instruction defines the procedure for changing component endpoint configurations in the database, in cases where the current configurations need to be changed. The following use cases determine if and how these component endpoints should be changed.

  • Use-Case 1: If the machine is only reachable by the IP and not by the FQDN, for instance, if a DNS Server is not used, you will need to change the table key value definitions in the database.
  • Use-Case 2: If you change the CxSAST, Management & Orchestration or ActiveMQ ports after installation, you will need to change the table key value definitions in the database.
  • Use-Case 3: If you manually configured the environment as Secure Sockets Layer (SSL), you may need to change the table key value definitions in the database.
  • Use-Case 4: If you rename the machine, you will need to change the table key value definitions in the database.
  • Use-Case 5: If you configured the system to connect users via a corporate proxy server, you will need to change the table key value definitions in the database.
  • Use-Case 6: If you add a load balancer, for instance, in HA deployments where the load balancer endpoint is used instead of the machine name, you will need to change the table key value definitions in the database.

For further instructions and examples, refer to Accessing the Database Table and Changing Table Key Value Definitions.

Accessing the Database Table

Once the CxSAST (v9.0.0 and up) environment is installed and fully configured, access the database as follows:

 1. Open MS SQL Server Management Studio.

 2. Connect to the SQL server.

 3. Go to Databases > CxDB > Tables.

 4. Change the table key value definitions as instructed in the section below.

 

Changing Table Key Value Definitions

After accessing the database and connecting to the SQL server, do the following:

 1. In the Tables folder (Databases > CxDB > Tables), right-click the required Table according to the Table/Key Value Definitions table below and then select Edit Top 200 Rows.

 2. For each Key, change the Value field according to the relevant use case (refer to Use Cases).

 3. Save your changes.

 4. On the CxManager host, reset IIS. To do so, run ‘iisreset’ from an elevated CMD prompt or run Restart for the relevant server in the IIS Console.

 5. Restart all Cx Windows Services.

Table: dbo.CxComponentConfiguration

  • Key: IdentityAuthority (i.e. Access Control URL)
    Value: {Protocol}://{Machine}:{Port}/CxRestAPI/auth
    Default HTTP port = 80
    When upgrading to v9.0.0, the IdentityAuthority value is preserved unless it is empty or set to localhost. In these cases, the full URL of your local station is added.
  • Key: CxSASTManagerUri (i.e. SAST Manager URI)
    Value: {Protocol}://{Machine}:{Port}
    Default HTTP port = 80
  • Key: CxARMURL (i.e. CxAnalytics URL)
    Value: {Protocol}://{Machine}:{Port}
    Default HTTP port = 8080
  • Key: CxARMPolicyURL (i.e. Policy Manager URL)
    Value: {Protocol}://{Machine}:{Port}
    Default HTTP port = 8080
  • Key: ActiveMessageQueueURL (i.e. ActiveMQ URL)
    Value: {Protocol}://{Machine}:{Port}
    Default TCP port = 61616

Table: config.CxEngineConfigurationKeysMeta

  • Key: ACTIVE_MESSAGE_QUEUE_URL (i.e. ActiveMQ URL)
    Value: {Protocol}://{Machine}:{Port}
    Default TCP port = 61616

Table: accesscontrol.ConfigurationItems

  • Key: SERVER_PUBLIC_ORIGIN
    Value: Change according to the following conditions:

      • If the machine is configured for IP, then:
        SERVER_PUBLIC_ORIGIN = {Protocol}://{Machine_IP}:{port} and
        IdentityAuthority = {protocol}://{Machine_IP}:{port}/CxRestAPI/auth
      • If the machine is configured for FQDN and SERVER_PUBLIC_ORIGIN is not empty, then:
        SERVER_PUBLIC_ORIGIN = {protocol}://{Machine_FQDN}:{port} and
        IdentityAuthority = {Protocol}://{Machine_FQDN}:{port}/CxRestAPI/auth
      • If the machine is configured for FQDN and SERVER_PUBLIC_ORIGIN is empty, then leave empty.

In all instances, the protocol should be the same for both SERVER_PUBLIC_ORIGIN and IdentityAuthority keys.
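
The conditions above for SERVER_PUBLIC_ORIGIN and IdentityAuthority can be checked against the planned values before the database is edited and the services are restarted. The following Python check is an added example, not Checkmarx code; the function names and the https default port of 443 are assumptions made for illustration.

```python
import ipaddress
from urllib.parse import urlsplit

AUTH_PATH = "/CxRestAPI/auth"               # suffix the page gives for IdentityAuthority
DEFAULT_PORTS = {"http": 80, "https": 443}  # 80 is from the page; 443 is assumed for https

def parse_endpoint(name, value):
    """Split a {Protocol}://{Machine}:{Port} value; raise ValueError if malformed."""
    try:
        parts = urlsplit(value.strip())
        port = parts.port                   # raises ValueError on a bad port
    except ValueError:
        raise ValueError(f"{name}: malformed host or port in {value!r}")
    if not parts.scheme or not parts.hostname:
        raise ValueError(f"{name}: not {{Protocol}}://{{Machine}}:{{Port}}: {value!r}")
    scheme = parts.scheme.lower()
    return scheme, parts.hostname.lower(), port or DEFAULT_PORTS.get(scheme), parts.path

def is_ip(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False

def check_access_control(identity_authority, server_public_origin):
    """Return a list of findings for the two keys; an empty list means consistent."""
    try:
        scheme, host, port, path = parse_endpoint("IdentityAuthority", identity_authority)
    except ValueError as exc:
        return [str(exc)]
    findings = []
    if path.rstrip("/") != AUTH_PATH:
        findings.append(f"IdentityAuthority: path must be {AUTH_PATH}")
    if not server_public_origin.strip():
        if is_ip(host):                     # empty is only allowed for FQDN setups
            findings.append("SERVER_PUBLIC_ORIGIN: must be set for an IP-configured machine")
        return findings
    try:
        o_scheme, o_host, o_port, o_path = parse_endpoint("SERVER_PUBLIC_ORIGIN", server_public_origin)
    except ValueError as exc:
        return findings + [str(exc)]
    if o_path.strip("/"):
        findings.append("SERVER_PUBLIC_ORIGIN: must not include a path")
    if o_scheme != scheme:
        findings.append(f"protocol mismatch: {o_scheme} vs {scheme}")
    if (o_host, o_port) != (host, port):
        findings.append(f"host/port mismatch: {o_host}:{o_port} vs {host}:{port}")
    return findings
```

Call check_access_control() with the two values you intend to save; an empty list means they satisfy the conditions listed above.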