Question
I'm receiving a connection error from CodeSec, what's wrong?
Answer
In order to conduct scans, CodeSec needs to be able to connect and authenticate with the Contrast backend. There are a couple of reasons this connection could fail:
Connectivity
If there's a proxy or firewall in between CodeSec and the public internet, CodeSec traffic may be blocked. Firewalls will need to be configured with the Inbound IP addresses listed here: What is the IP for Contrast SaaS?. CodeSec doesn't currently offer proxy support. However this is on the roadmap and expected to be available this summer 2022.
Authentication
On performing contrast auth
, CodeSec generates and stores you unique keys for connecting to the Contrast backend. If CodeSec isn't used for 6 months or more or there's 3 failed authentication attempts, the user on the backend may become invalid or locked. You can find the keys that CodeSec is using to authenticate by running:
contrast config
The Contrast Support team can assist in reactivating your account. Simply select the Submit a Ticket button in the top righthand corner to contact them.