2024-03-19
Internet Explorer access to certificates

SonarQube Scanner and Invalid SSL Certificates

https://sylvainleroy.com/wp-admin/options-general.php?page=ad-inserter.php#tab-2

Struggling with SonarQube scanner and your invalid SSL certificate ? Here is a way to handle it.

Issue with SonarQube scanner

The SonarQube Scanner is NOT supporting invalid certificates and unfortunately our SonarQube server is delivered with an invalid SSL certificate.

INFO: ------------------------------------------------------------------------
INFO: EXECUTION FAILURE
INFO: ------------------------------------------------------------------------
INFO: Total time: 0.504s
INFO: Final Memory: 4M/123M
INFO: ------------------------------------------------------------------------
ERROR: Error during SonarQube Scanner execution
ERROR: Unable to execute SonarQube
ERROR: Caused by: Fail to get bootstrap index from server
ERROR: Caused by: sun.security.validator.ValidatorException: PKIX path building
failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to fi
nd valid certification path to requested target
ERROR: Caused by: PKIX path building failed: sun.security.provider.certpath.SunC
ertPathBuilderException: unable to find valid certification path to requested ta
rget
ERROR: Caused by: unable to find valid certification path to requested target
ERROR:
ERROR: Re-run SonarQube Scanner using the -X switch to enable full debug logging
.

To circumvent this error, you will have to upload all certificates in your cacerts.

Solution

Here are the steps to load your certificates : 

  • Unzip the files into the jre/lib/security of the SonarRunner installation, overwrite the exisiting ones.
  • Open the file jre/lib/security/cacerts using portecle (default password is changeit)
  • Download your own certificate using your browser and obtain a .cer or pkx certificate.
    Internet Explorer access to certificates
    • Import them using portecle.
    Screenshot how to use portecle
    Screenshot how to use portecle
    • DONEYour Sonarqube Scanner should be able to connect itself to the SonarQube server.

    Interesting SonarQube articles : SonarQube and ReactJSSonarQube plugins for AngularJS and Javascript you may not know

    Sylvain Leroy

    Senior Software Quality Manager and Solution Architect in Switzerland, I have previously created my own company, Tocea, in Software Quality Assurance. Now I am offering my knowledge and services in a small IT Consulting company : Byoskill and a website www.byoskill.com Currently living in Lausanne (CH)

    View all posts by Sylvain Leroy →