This section helps you remedy common problems and understand how better to use the Veracode XML APIs and integrations.
|Any API||I received a HTTP 401 or Access Denied error. I do not have access to the APIs or I am unsure what kind of access I need.|
|Any API||I cannot log in to Veracode when using the APIs.||
|Any API||The scan stopped after prescan.||To determine why a scan that started from an API failed after prescan, review the response code returned from the beginscan.do API call. When your script calls beginscan.do, the API returns a status code that confirms the scan successfully started, or provides an error message to explain why the scan did not start.|
|Any API||I received cURL error 35.||If you receive the cURL error 35: "Unknown SSL protocol error in connection to ...", you need to update your version of cURL. Alternatively, you can pass the option -3, which forces cURL to use SSL version 3 when negotiating with a remote SSL server.|
|Any Integration||I have received one of these messages:
||If you are using an integration that attempts to connect over TLS 1.0 or 1.1, you may receive one of these error messages. See Using TLS with Veracode Integrations.|
|Archer API||Invalid IP address range.||Ensure that you are attempting to connect from an IP address that is allowed by the IP address restrictions for the login you are using. Veracode APIs and integrations require access to analysiscenter.veracode.com and api.veracode.com. Contact your IT team to ensure these domains are on the allowlist for your organization and that there is one-way communication on port 443 to api.veracode.com. Refer to the complete list of domains and IP addresses to add to your allowlist.|
|Archer API||Invalid login type.||Ensure that you are providing credentials for an API class login with the Archer API role.|
|Archer API||Invalid or null token.||Each login account is limited to using five tokens at a time to download Archer reports. The last five of generated tokens are valid. All tokens expire after 30 days whether used or not. Using invalid tokens returns HTTP status code 403.|
|Archer API||Incorrect date format.||The date format used by the date_from and date_to fields is dd-mm-yyyy, meaning, date then month and year.|
|Archer API||The report not ready.||If you try to call downloadarcherreport.do before generatearcherreport.do has completed, you receive HTTP status code 204 to indicate no content is available. Try to download the report at a later time. After an excessively long time, if the Veracode Platform does not return the report, contact Veracode Technical Support.|
|Archer API||The results file is too large.||When attempting to fetch the Archer feed for a large number of applications at once, the Veracode Platform may return HTTP status code 500. It is best in these cases to fetch the data using the optional arguments for the Archer API to limit the scope of the data being pulled (e.g. using scan_type and/or a date range). Once all the historical data is in place, use one of the period arguments ( yesterday , last_week , or last_month ) to pull data on a scheduled basis.|
|Eclipse Plugin||I experience a PKIX path building failure when installing the plugin from Eclipse.||Add the following lines to the eclipse.ini file in your
-vmargs --Djavax.net.ssl.trustStore="path for cacerts" --Djavax.net.ssl.trustAnchors="path for cacerts"
|Jenkins Plugin||I receive one of these messages:
|Jenkins Plugin||The following message appears in the console output: The policy status 'Did Not Pass' is not passing. Unable to continue.||This message indicates that you selected the Wait for scan to complete checkbox in your job configuration and the scan failed to pass your policy. If you want builds for scans that fail policy to complete, you must deselect that checkbox.|
|Jenkins Plugin||The test connection action fails. There is no success message.||
|Jenkins Plugin or Java API Wrapper||The following message appears: Requested array size exceeds VM limit.||This error indicates you are attempting to upload an archive that is too large for the current limit (in GB). Check the content and size of the files or archives you are uploading to verify you are using the correct files.|
|Jenkins Plugin or Java API Wrapper||
The following message appears:[16.01.11 14:28:39] java/net/HttpURLConnection.setFixedLengthStreamingMode(J)V Build step Upload and Scan with Veracode marked build as failure Finished: FAILURE
|This message indicates that the Java version you are using is not Java 7 or later. The Veracode Jenkins Plugin and the Veracode Java API wrapper require Java 7 or later.|
|Veracode Integration for Jira||If you need to troubleshoot any issues, enable debug logging in Jira.
The location of the Jira logs depends on the Jira installation location. For example:
|Enable Logging in Jira and set the logging level to DEBUG. After completing any debugging, ensure you change the logging level from DEBUG back to the logging level, such as INFO, and restart Jira.|
|Maven Build Script||The following message is returned: java.lang.ClassNotFoundException: Cannot find the specified class com.ibm.websphere.ssl||The IBM WebSphere environment may prevent a Veracode UploadandScan target from executing if the Maven build script dependencies with the Java class path are missing. To resolve this, generate two pom.xml scripts, using one specifically for the Veracode upload.|
|Results API||The getappbuilds.do call is slow to deliver information.||Veracode recommends that you use getapplist.do to generate a list of all applications and getbuildlist.do to generate a list of all builds for an application. You can then use getappinfo.do and getbuildinfo.do to retrieve the information about specific applications and builds.|
|Upload API||I do not know if the prescan is complete or successful.||To check the prescan results in the Upload API, call getprescanresults.do.|
|Upload API||My scan does not complete due to non-fatal errors.||If you want to ensure the scan completes even though there are non-fatal errors such as unsupported frameworks, ensure you use the scan_all_top_level_modules parameter when you use the beginscan.do call.|
|Upload API and Integrations||I received a fatal error after prescan, which is preventing my static analysis from starting automatically.||Before the next time your static analysis is scheduled to start automatically, you need to:|
|Any Plugin, Any API||When using either a Veracode plugin, the Veracode API wrappers, or a custom script, I see this returned in the output text: App not in state where new builds are allowed.||This message indicates that a previous static scan did not succeed for the specific application. Log into the Veracode Platform and review the application's current scans to determine if the previous scan did not successfully complete. A previous scan may still be in progress. If a previous scan is still running due to an error, select Delete. You can then use the plugin to submit a new scan request.|
|Any Plugin, Any API||I receive an error when an API or integration attempts to access Veracode.||Veracode APIs and integrations require access to analysiscenter.veracode.com and api.veracode.com. Contact your IT team to ensure these domains are on the allowlist for your organization and that there is one-way communication on port 443 to api.veracode.com. Refer to the complete list of domains and IP addresses to add to your allowlist.|
|Visual Studio Extension||I received a download error that says No applications exist for the specified user's account.||Using the Visual Studio Veracode menu, you may have attempted to download results after selecting a specific application for which you do not have permission to access. You must be a member of each team associated with an application to be able to access that application's data.|
|Visual Studio Extension||The Upload Build menu does not populate the Application dropdown list or allow me to complete the Build text box.||This message indicates that you do not have the required role to either create a new application or build.|
|Visual Studio Extension||I receive this message Support Issue: No precompiled files were found for this ASP.NET web application.||Use the Veracode Static for Visual Studio to prepare your .NET application for uploading to Veracode. For information on how to use this extension, see Using Veracode Static for Visual Studio.|
|Visual Studio Extension||I ran a scan from within Visual Studio, downloaded the scan results and, then, selected. The Results window is empty.||If you are using Visual Studio 2019 with .NET Framework version 4.8, you must clear an option in Visual Studio to ensure the downloaded scan results display in the Results window. Otherwise, the Results window may be empty.|
|Visual Studio Extension||Upload and Scan fails to complete automatically.||For web applications built on ASP.NET 3.0 Core and later, there is an executable that duplicates the artifacts included in the upload to the Veracode Platform. In your web application project, you must deselect the duplicate executable to exclude it from the upload, or you see an error and the Veracode Platform initiates a manual module selection.|
|Veracode Azure DevOps Extension||The Veracode Release Summary report is not displaying in the TFS on-premise extension.||If you rename the build step task Upload and Scan, the extension cannot find and execute the task, and no Veracode Summary Report is created.|
|Veracode Azure DevOps Extension||I am receiving upload errors for my Azure DevOps builds.||
To resolve the upload errors, you have these options:
Microsoft provides pipeline build steps for creating a folder with only the files that Veracode requires for scanning. See the Copy Files task and Delete Files task in the pipeline documentation on the Azure documentation website.
|Veracode Azure DevOps Extension||I selected the Veracode Scan Summary tab in Azure DevOps to view scan results and see the message Veracode is taking longer than expected to load.||Clear your browser cache and, then, select the Veracode Scan Summary tab again.|
|Any IDE Plugin or Extension||I am having problems with my credentials and am prompted to enter them multiple times.||
For assistance with errors you receive while compiling your application, see the Troubleshooting Precompilation Errors page.
If you cannot find the solution to your problem on this page, contact Veracode Technical Support.