Hello,
We want to enable HTTPS on our SQ instance and I need to generate a certificate.
I can generate either PFX or PKCS#7. Which one is supported?
Thanks,
Hi @vayner ,
TLS is not naively supported by SQ, so you need to setup a reverse proxy to handle TLS for you and the requirements here depend on the solution you choose (apache2 and nginx can handle a lot of formats tho).
hope that helps 
1 Like
Thank you so much for your reply. This makes thing more complicated for us.
The SQ instance we have is running Linux in docker container. We need to do some homework here.
Is there any example you can point me on how this can be achieved in our case?
If you want to stick to “everything in a container”, then the nginx-reverse proxy by jwilder might be something to look into. you can add your certificates in there and let it handle TLS.
maybe this example compose will help you:
version: "3"
services:
sonarqube:
image: sonarqube:9.1-community
depends_on:
- db
networks:
- sonar-network
environment:
SONAR_JDBC_URL: jdbc:postgresql://db:5432/sonar
SONAR_JDBC_USERNAME: sonar
SONAR_JDBC_PASSWORD: sonar
VIRTUAL_HOST: sonarqube.dev.local
VIRTUAL_PORT: 9000
volumes:
- sonarqube_extensions:/opt/sonarqube/extensions
- sonarqube_logs:/opt/sonarqube/logs
db:
image: postgres:12
networks:
- sonar-network
environment:
POSTGRES_USER: sonar
POSTGRES_PASSWORD: sonar
volumes:
- postgresql:/var/lib/postgresql
- postgresql_data:/var/lib/postgresql/data
proxy:
image: jwilder/nginx-proxy
ports:
- "80:80"
- "443:443"
volumes:
- /var/run/docker.sock:/tmp/docker.sock:ro
- /path/to/certs:/etc/nginx/certs
networks:
- sonar-network
- sonar-public
networks:
sonar-network:
ipam:
driver: default
config:
- subnet: 172.28.2.0/24
sonar-public:
driver: bridge
volumes:
sonarqube_extensions:
sonarqube_logs:
postgresql:
postgresql_data:
you will of cause need to adjust the configuration
1 Like