Connecting Sonarqube to Gitlab

I am using Sonarqube:

• deployed with docker-compose
• version v10.7
• on-premise
• together with GitLab Enterprise Edition [v17.5.1-ee]

I have some issues with connecting my Sonarqube to a self-hosted Gitlab instance. After following the excellent guidance provided to me in this thread:

I now get the following error message:

java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty

Research yielded that this is due to problems with my truststore. Yet, SSLPoke yields:

java -Djavax.net.ssl.trustStore=trustStore.keystore -Djavax.net.ssl.trustStorePassword=changeit -jar SSL│root@bv-sonarqube:/opt/docker/sonarqube/openssl gitlab.brave-vesperia.com 443

Successfully connected

What’s weird is that the trustStore parameter seems to be irrelevant, i.e. SSLPoke always reports success no matter what I pass into this parameter.

I’m a bit stumped. The truststore is definitely correctly mounted via docker-compose:

- /opt/docker/sonarqube/openssl/custom.truststore:/opt/java/openjdk/lib/security/cacerts:ro

i semi-solved the issue by unmounting the truststore, copying the original truststore from the docker image and adding my cert to this store. Afterwards I remounted it, which fixed the issue.

Would still like to know why this is necessary.

Thank you kindly in advance.

Hey @Martin_Schmid

I think it will be hard to go back in time and figure out what happened here if it has gone back to normal. This error message is famously not precise.

Has it happened again, or has it been stable?