Documentation should mention sonar-md5 custom http response header

  • Sonarqube 8.9.6, sonarscanner

Scanner throws exception when trying to download plugins:

Request to https://[…]/api/plugins/download?plugin=abap&acceptCompressions=pack200 did not return header Sonar-MD5

Reason is that our sonarqube server is behind a firewall which removed the “sonar-md5” HTTP header from the response for the above mentioned request.

The documentation chapter “Operating the server” mentions that the “SonarQube-Authentication-Token-Expiration” custom header has to be forwarded, but nothing else. It would be helpful to also mention the sonar-md5 custom header in the documentation.


Hi Martin,

Thanks for bringing this to our attention. We’ve opened a jira ticket to address the gap in the documentation and we’ll update it shortly.