SonarQube Scanner and Invalid SSL Certificates

Struggling with SonarQube scanner and your invalid SSL certificate ? Here is a way to handle it.

Issue with SonarQube scanner

The SonarQube Scanner is NOT supporting invalid certificates and unfortunately our SonarQube server is delivered with an invalid SSL certificate.

INFO: ------------------------------------------------------------------------
INFO: ------------------------------------------------------------------------
INFO: Total time: 0.504s
INFO: Final Memory: 4M/123M
INFO: ------------------------------------------------------------------------
ERROR: Error during SonarQube Scanner execution
ERROR: Unable to execute SonarQube
ERROR: Caused by: Fail to get bootstrap index from server
ERROR: Caused by: sun..validator.ValidatorException:  path building
failed: unable to fi
nd valid certification path to requested target
ERROR: Caused by:  path building failed:
ertPathBuilderException: unable to find valid certification path to requested ta
ERROR: Caused by: unable to find valid certification path to requested target
ERROR: Re-run SonarQube Scanner using the -X switch to enable full debug logging

To circumvent this error, you will have to upload all certificates in your cacerts.


Here are the steps to load your certificates : 

  • Unzip the files into the jre/lib/security of the SonarRunner installation, overwrite the exisiting ones.
  • Open the file jre/lib/security/cacerts using portecle (default password is changeit)
  • Download your own certificate using your browser and obtain a .cer or pkx certificate.
    Internet Explorer access to certificates
    • Import them using portecle.
    Screenshot how to use portecle
    Screenshot how to use portecle
    • DONEYour Sonarqube Scanner should be able to connect itself to the SonarQube server.

    Interesting SonarQube articles : SonarQube and ReactJSSonarQube plugins for AngularJS and Javascript you may not know

    Next to read  How to send notifications to slack with SonarQube