Must-share information (formatted with Markdown):
- which versions are you using (SonarQube, Scanner, Plugin, and any relevant extension)
- SonarQube 7.8 Community Edition (Docker)
- Postgresql 10 (Docker)
- RHEL 7
- Nginx Proxy
- what are you trying to achieve
Interacting with in-house MS Active Directory through ldaps
- what have you tried so far to achieve this
Trying to connect to ldapjs, but unable to do so due to certificate error.
From sonar.properties, there a message about installing the server certificate into the Java truststore. My understanding is that, probably i need to modify the java truststore within the SonarQube docker container itself?
I have followed the suggestion given by https://github.com/SonarSource/docker-sonarqube/issues/207
- Create a jks based on my internal root cert
- Build a refined sonarqube image , Dockerfile as follow
FROM sonarqube:7.8-community COPY someca.jks /usr/local/openjdk-8/jre/lib/security/cacerts
- Add the following into sonar.properties
Unfortunately, i still got some errors . I have verify the keystore and its looks fine too.
Caused by: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty at java.security.cert.PKIXParameters.setTrustAnchors(PKIXParameters.java:200) at java.security.cert.PKIXParameters.<init>(PKIXParameters.java:120) at java.security.cert.PKIXBuilderParameters.<init>(PKIXBuilderParameters.java:104) at sun.security.validator.PKIXValidator.<init>(PKIXValidator.java:89)
Are there any standard ways we can add our internal self-signed certificate into the java truststore?