Downloading and installing the Signature Scanner CLI

Ensure your client meets the requirements and then download and install the Signature Scanner CLI.

Downloading the Signature Scanner CLI

The Signature Scanner CLI is packaged as a .zip file. Download it from the Black Duck application.

Before downloading the Signature Scanner CLI, be sure that:

Your Black Duck license is enabled for Component Scanning.
Your Black Duck account has the Global or Project Code Scanner role.

Note: Java Runtime Environment (JRE) is included with the download of Signature Scanner. However, there may be situations that require you to use your version of JRE, for example you have self-signed certificates stored in a preferred version of Java or your company policy only allows you to run a specific version of JAVA or JRE. In these instances, you need to set the BDS_JAVA_HOME environment variable prior to running Signature Scanner.

To download the Signature Scanner CLI from the Black Duck user interface:

Log in to Black Duck.
Navigate to the drop-down menu under your username, and select Tools.
On the Tools page under Legacy Downloads, click the expand arrow to view and select the download link for the Linux, Mac OS X, or Windows CLI of the Signature Scanner.

Installing the Signature Scanner CLI

Install the scanner on the computer that contains the archives to be scanned. You cannot scan archives on a remote server.

To install the Signature Scanner CLI:

Unzip the Signature Scanner CLI.
The following is the directory structure for Windows: