Configure an On-Premise Code Scanner to Use Self-Signed Certificate

If you secure your repository server with a self-signed certificate not signed by a trusted certification authority, you can configure the on-premise code scanner to skip the TLS verification.

To configure an on-premise code scanner to use self-signed certificate:

  1. Use Secure Shell (SSH) and access the on-premise code scanner VM.

  2. Locate the docker-compose.yaml file.

    Note: The docker-compose.yaml file is part of the For more information, see Deploy an On-Premises Code Scanner

  3. In the siac-bot section, add an environment variable: SKIP_TLS_VERIFY: "true"
  4. Save the docker-compose.yaml file.
  5. In the CLI of Tenable Cloud Security, run the following command:
    sudo ./tenable-cs-code-scanner

    Tenable Cloud Security uses the self-signed certificate to scan your repository.