Are you using LetsEncrypt for certificate issuance for your SonarQube instance? We’re experiencing the same issue right now, with LetsEncrypts DST Root CA X3 expired today, with certificate issuance handled by cert-manager in our k8s cluster (where SonarQube is deployed via DockerHub 8.9.2 LTS image).
Tried updating/restarting hosted Azure DevOps agents, the box they are hosted on. Still getting the CERT_HAS_EXPIRED error as well.
edit: cert chain is valid from browsers and CLI tools (e.g. WGET) on both Windows and Linux boxes. So this seems to be an issue with the Azure DevOps task or the build agents.
edit 2: this is occuring on the SonarQubePrepare task in our pipeline
edit 3: To be clear, the box our build agents are hosted on trusts the new ISRG Root X1 cert (which expires in 2035) already, and which is the root CA on our LetsEncrypt cert securing our SonarQube deployment.
None of these worked. My SonarQube instance is completely accessible, and my browser and other services are not getting the same error regarding the certificate, only the “SonarQubePrepare” task in Azure Devops.
PS. my infrastructure is not running on K8S, it is a standalone Ubuntu 20.04 Server.
Confirmed that quick node script performing a GET to the indicated /api/server/version endpoint works just fine on the machine where our hosted build agents are running. So that appears to be ruled out.
This is a blocker to our CI system at the moment. cc: @mickaelcaro since you ran into something similar before.