Acunetix offers out-of-the-box integration with Jenkins CI. The setup procedure requires the Acunetix API key, which is available for Enterprise editions.

Before proceeding any further, ensure that you have installed the latest version of Acunetix. You can download it from 

Note that these instructions are for a Windows installation but you can easily modify them for a Linux installation.

The Acunetix installer automatically generates two certificates for user interface access. You can find them in the C:\ProgramData\Acunetix\certs directory. You must install the CA certificate (ca.cer) in the Jenkins cacert keystore.

Initial Configuration of Acunetix and Jenkins

You can download Jenkins from Jenkins works on platforms such as Windows, Linux distributions, and in Docker containers. After you install Jenkins, access its interface in a web browser and click on Manage Jenkins.

The Jenkins management page provides an overview of configurable settings. Navigate to Manage Plugins and download the latest Acunetix plugin from the Available view pane. After you select it, click on Install without restart to install the plugin.

Navigate back to the management page and select Configure System. Scroll down to the bottom of the page to see the Acunetix configuration section.

Acunetix API

By default, the Acunetix API URL field contains the value localhost. If your Jenkins instance is deployed on a different host than your Acunetix instance, you need to make Acunetix reachable from hosts other than localhost. If you are using Acunetix Online, you should use

To get the Acunetix API URL, append /api/v1 to the address used to access the Acunetix UI. You can select the Acunetix API key after you add it to the Jenkins API list. Click on the Add button to configure the API key.

Jenkins credentials provider

Get the Acunetix API Key

To obtain an Acunetix API key, open Acunetix, log into the administrator account, and navigate to the administrator profile from the top-right dropdown menu.

Acunetix Dashboard

You can find the Acunetix API key in the API Key section.

API key - jenkins

1. Make the following changes in the Jenkins Credentials Provider:

  • Domain: Select Global credentials
  • Kind: Select Secret text
  • Secret: Paste your Acunetix API key
  • ID: Leave blank
  • Description: Acunetix API key

2. Click on the Add button when done
3. Choose the new credential from the Acunetix API Key drop-down list
4. Click on the Apply button at the bottom of the settings page

Install the Acunetix CA Certificate

Before you can click on Test Connection, you must install the Acunetix CA certificate. This is the certificate generated during Acunetix installation. You must install it in the Java CA store in the following directory:


By default, Jenkins comes with the latest version of Java, and you can install the certificate in the castore keystore in the C:\ProgramFiles(x86)\Jenkins\jre\lib\security directory. If Jenkins uses a pre-installed JDK (specified in Manage Jenkins > Global Tool Configuration), you need to install the ca.cer file in the respective directory.

If you need to find your Java installation, try to echo the contents of the $JAVA_HOME environment variable to learn where the JRE is installed on your system:
~# echo $JAVA_HOME

If this does not work, try to find the JDK on your system by following symlinks to the Java executable:

~# whereis java
java: /usr/bin/java /usr/share/java /usr/share/man/man1/java.1.gz

~# ls -ltr /usr/bin/java
lrwxrwxrwx 1 root root 22 Feb 7 20:04 /usr/bin/java -> /etc/alternatives/java

~# ls -ltr /etc/alternatives/java
lrwxrwxrwx 1 root root 46 Feb 7 20:04 /etc/alternatives/java -> /usr/lib/jvm/java-8-openjdk-amd64/jre/bin/java

Follow this procedure to install the certificate file in the castore keystore:

  1. Copy the ca.cer certificate to the castore directory.
  2. Open a command prompt window in this directory with administrative privileges. If using Linux, escalate privileges to root.
  3. Enter the following command in the command window (default password: changeit):
    ~# keytool -import -trustcacerts -alias AcunetixCA -keystore %path_to_java_folder%\jdk\jre\lib\security\cacerts -file %path_to_cert_folder%\ca.cer
  4. To confirm that you installed the certificate correctly, use the following command:
    ~# keytool -list -keystore %path_to_java_folder%\jdk\jre\lib\security\cacerts -alias AcunetixCA
  5. If the installation was successful, you will see AcunetixCA details.

Now you can go back to the Jenkins Acunetix plugin configuration to apply and save changes. Click on Test connection. If the connection test is successful, you will see the following message:



IMPORTANT: The Acunetix CA certificate is issued on the host name selected during installation. For that reason, when configuring the Acunetix URL, it is important to use the host name selected during installation.
If you want to use the IP, you will need to generate the Acunetix CA certificate again on the IP address.

This can be done by following this document:

Add an Acunetix Scan as a Build Step in a Jenkins Job

To add an Acunetix scan as a build step in a Jenkins job, navigate to the configuration of an existing job or create a new job. In the Build step, select Acunetix from the Add build step drop-down.

You will see the following options:

  • Scan Type: Choose a Scan type for the scan. Scan types are used to reduce the scope of tests that the scanner runs during the scan.
  • Scan Target: Choose a Scan target that you wish to scan. Scan targets are obtained from Acunetix with the exception of targets requiring manual intervention. The listed targets contain part of their descriptions to help you distinguish between targets that have the same URL.
  • Fail build if threat level is: Choose at which threat level to fail the Jenkins build based upon the threat level of the scan (High severity, Medium severity, or Low severity).
  • Stop the scan when build fails: Check this checkbox if you would like to abort the scan when the fail condition in Fail build if threat level is is met. This setting is enabled by default.
  • Generate Report: Choose a report to generate upon completion of the scan. The report will be accessible inside of Acunetix and a download link will be provided inside the job console output.

Troubleshooting Connection Refused Errors

connection refused

If you use a hostname instead of an IP or the other way around, Jenkins will respond with a connection refused error. To further investigate the encountered issue, follow these instructions for your OS.


By default, you can find Jenkins logs in /var/log/jenkins/jenkins.log, unless customized in /etc/default/jenkins (for *.deb) or via /etc/sysconfig/jenkins (for *.rpm).


By default, you can find Jenkins logs in %JENKINS_HOME%\jenkins.out and %JENKINS_HOME%\jenkins.err, unless customized in %JENKINS_HOME%\jenkins.xml.

For more information on setting up Jenkins with Acunetix, contact our support team:

Daniel Zammit
Acunetix Technical Guru
Daniel Zammit is an experienced IT Engineer, specialized in system administration. His background is Business and IT, with an interest in web development and machine learning techniques for network security applications.

  • Hi, how do we get hold of the CA Cert if we’re using Acunetix Online?

    • Hi Jamie,

      Acunetix Online uses a certificate which is not self-signed, and thus does not require the certificate to be configured in Jenkins.

  • Is it possible to invoke the plugin using “Pipeline as Code” ?

    • Hi,

      Yes, that is possible. This requires a newer version of the Jenkins plugin. Contact our support team for more information.

  • How can I replace my trial license with the enterprice license? I already have it but I do not see the option to change it.

  • hi, I followed the tutorial in this page step by step, but when i test connection I always get this error: “Please add the Acunetix scanner certificate to Java CA store” in other to I installed the certificate correctly into the keystore: /usr/lib/jvm/java-8-openjdk-amd64/jre/lib/security/cacerts
    Can anyone help me, please!

    • Hi,

      Did you already following the section “Install the Acunetix CA Certificate” in the article? You will need to use the keytool utility. Should the problem persist, please contact our support team.

  • Comments are closed.