JFrog Advanced Security: JAS Installation Prerequisites

JFrog Advanced Security: JAS Installation Prerequisites
AuthorFullName__c
Bassel Mbariky
articleNumber
000006326
ft:sourceType
Salesforce
FirstPublishedDate
2025-01-08T12:41:35Z
lastModifiedDate
2025-01-08
VersionNumber
2
Prerequisites for Installing JAS 

Before proceeding with the installation of JAS ((JFrog Advanced Security) as outlined in our documentation, ensure that Artifactory (RT) meets the following requirements:

1. JFConnect and Entitlements
Enabling JFConnect with Entitlements
Artifactory must have access to external resources, either directly or through a proxy. Add the following properties to the system.yaml file, located at $JFROG_HOME/artifactory/var/etc:
jfconnect:
  enabled: true
  usage:
    enabled: true
Additionally, whitelist the following URLs on the Artifactory machine:
  • jcs.jfrog.io
  • jes.jfrog.io
Artifactory uses these URLs to retrieve entitlements. For more information about JFConnect, refer to this documentation

Air-Gapped Environments
If Artifactory is deployed in an air-gapped environment (without internet access), enable the air-gapped property in the system.yaml file under the JFconnect:
jfconnect:
  enabled: true
  airgap:
    enabled: true
  usage:
    enabled: true
This configuration prevents Artifactory from accessing the above URLs to get the entitlements. We must manually retrieve and apply entitlements. For detailed steps, refer to this documentation.

Important: Each time the license changes in an air-gapped environment, you must repeat the manual entitlement retrieval process.

Restarting Artifactory
After making changes to the system.yaml file, restart Artifactory to apply the updates.

2. Custom Base URL

Ensure that Artifactory is configured with a custom base URL. The JAS pods use this custom base URL to communicate with Artifactory. For instructions on setting a custom base URL, refer to this KB article.


Verifying JFConnect and Entitlements

After completing the above steps, verify that JFConnect is enabled and entitlements are correctly configured:
  1. Log in to the Artifactory on UI as an admin.

  2. Navigate to the following URL: <Artifactory_URL>/ui/api/v1/jfconnect/entitlements


This will display the current entitlement status. For reference, see the image below:

User-added image 

Installation Guides

After following the instructions above, for detailed instructions on installing JAS, refer to the following documentation:

Additionally, I recommend enabling JFrog Advanced Security Readiness Checking. This feature will allow us to monitor the health of JAS effectively. For more details on how to enable it, please refer to this page.