SonarQube Scanner and Invalid SSL Certificates

Home / SonarQube Scanner and Invalid SSL Certificates

Internet Explorer access to certificates

Share on LinkedIn
Pocket

Struggling with SonarQube scanner and your invalid SSL certificate ? Here is a way to handle it.

Issue with SonarQube scanner

The SonarQube Scanner is NOT supporting invalid certificates and unfortunately our SonarQube server is delivered with an invalid SSL certificate.

INFO: ------------------------------------------------------------------------
INFO: EXECUTION FAILURE
INFO: ------------------------------------------------------------------------
INFO: Total time: 0.504s
INFO: Final Memory: 4M/123M
INFO: ------------------------------------------------------------------------
ERROR: Error during SonarQube Scanner execution
ERROR: Unable to execute SonarQube
ERROR: Caused by: Fail to get bootstrap index from server
ERROR: Caused by: sun..validator.ValidatorException:  path building
failed: sun.security.provider.certpath.: unable to fi
nd valid certification path to requested target
ERROR: Caused by:  path building failed: sun.security.provider.certpath.SunC
ertPathBuilderException: unable to find valid certification path to requested ta
rget
ERROR: Caused by: unable to find valid certification path to requested target
ERROR:
ERROR: Re-run SonarQube Scanner using the -X switch to enable full debug logging
.

To circumvent this error, you will have to upload all certificates in your cacerts.

Solution

Here are the steps to load your certificates : 

  • Unzip the files into the jre/lib/security of the SonarRunner installation, overwrite the exisiting ones.
  • Open the file jre/lib/security/cacerts using portecle (default password is changeit)
  • Download your own certificate using your browser and obtain a .cer or pkx certificate.
    Internet Explorer access to certificates
    • Import them using portecle.
    Screenshot how to use portecle
    Screenshot how to use portecle
    • DONEYour Sonarqube Scanner should be able to connect itself to the SonarQube server.

    Interesting SonarQube articles : SonarQube and ReactJSSonarQube plugins for AngularJS and Javascript you may not know

    Share on LinkedIn
    Pocket

    , , , , , ,

    About Author

    about author

    Sylvain Leroy

    Senior Software Quality Manager and Solution Architect in Switzerland, I have previously created my own company, Tocea, in Software Quality Assurance. Now I am offering my knowledges and services in a small IT Consulting company : Byoskill and a website www.byoskill.com

    Currently living in Lausanne (CH)

    Optimization WordPress Plugins & Solutions by W3 EDGE