Could not validate GitLab url

amnonpaz · January 17, 2021, 9:42am

Hi,
I am new to SonarQube, and I have installed SonarQube v8.6 (developer version) on Docker (exported port 9000). I’m trying to connect to GitLab (On premise, version 12.0.1-ee), as described here
I am having problem in “Setting your global settings”. After creating a new configuration, I get this error:
sonarqube-error

Trying to add a new GitLab project, where I insert the GitLab access token manually, I get this error: `

Your personal access couldn’t be validated. Please make sure it has the right scope and that it is not expired.

The access token’s scopt is user_read (I also tried “api” and both “api” and “user_read”), and is valid.

In web.log, I see this error:

2021.01.17 09:21:51 ERROR web[AXcBf2MRWVqaqO8aAAbF][o.s.s.w.WebServiceEngine] Fail to process request http://xx.yy.zz.ww:9000/api/alm_integrations/check_pat?almSetting=SoftwareTest
java.lang.IllegalStateException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
.
.
.
Caused by: javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

What can be its cause, and how can I fix it?

Thanks,
Amnon.

amnonpaz · January 17, 2021, 1:57pm

After carrying the steps described here I still have the same error, but the log states a different error:

Caused by: javax.net.ssl.SSLPeerUnverifiedException: Hostname XXXXXXXXX not verified:

My GitLab server has a self-signed certificate. I believe that this causes the problem.

pierreguillot · January 18, 2021, 9:52am

Hi, yes indeed you have an SSL certificate issue. If you added it to the Keystore, it may be invalid or incomplete. Make sure you added the correct hostname to your certificate Server Name Indication extension.

amnonpaz · January 21, 2021, 11:20am

Hi Pierre,

Thanks for your input. Yes, the names are the same.
I saw this issue, could missing SubjectAlternativeName in our self-signed certificate be the issue?

Amnon.

pierreguillot · January 21, 2021, 11:33am

Yes, definitely.

Manas_Upadhyay · September 29, 2021, 5:24pm

Hey @pierreguillot
I have Gitlab which is we access from the web and I don’t have any specific IP for it and I am running a sonarqube developer edition How would I configure the URL for gitlab

pierreguillot · September 30, 2021, 7:24am

How do you access GitLab from your web browser?

Manas_Upadhyay · September 30, 2021, 9:35am

@pierreguillot I use https://gitlab.com

pierreguillot · September 30, 2021, 10:53am

So you need to point to Gitlab .com API endpoint: https://gitlab.com/api/v4

Manas_Upadhyay · September 30, 2021, 11:01am

@pierreguillot Thankyou very much it worked