Dotnet sonarqube fail ERROR: SonarQube server cannot be reached

Hello,

i try to run sonar scan from dotnet code with below command then i got the error cannot be reached after run dotnet sonarscanner end … how to solve this issue or i miss some parameter of dotnet

dotnet sonarscanner begin /k:"dotnetex" /d:sonar.host.url="https://sonarqube.abc.com" /d:sonar.login="a39e2925b3f71974f102dd46cd18183e510fb58f"
dotnet build
dotnet sonarscanner end /d:sonar.login="a39e2925b3f71974f102dd46cd18183e510fb58f"

===========================================================
C:\ExampleCode\MyApp>dotnet sonarscanner end /d:sonar.login="a39e2925b3f71974f102dd46cd18183e510fb58f"
SonarScanner for MSBuild 5.11
Using the .NET Core version of the Scanner for MSBuild
Post-processing started.
Using the supplied value for SONAR_SCANNER_OPTS. Value: "-Djavax.net.ssl.trustStore=C:\ExampleCode\MyApp\SonarqubeS1.jks -Djavax.net.ssl.trustStorePassword="xxxxxx"
Calling the SonarScanner CLI...
INFO: Scanner configuration file: C:\Users\Administrator\.dotnet\tools\.store\dotnet-sonarscanner\5.11.0\dotnet-sonarscanner\5.11.0\tools\net5.0\any\sonar-scanner-4.8.0.2856\bin\..\conf\sonar-scanner.properties
INFO: Project root configuration file: C:\ExampleCode\MyApp\.sonarqube\out\sonar-project.properties
INFO: SonarScanner 4.8.0.2856
INFO: Java 1.8.0_361 Oracle Corporation (64-bit)
INFO: Windows Server 2022 10.0 amd64
INFO: SONAR_SCANNER_OPTS="-Djavax.net.ssl.trustStore=C:\ExampleCode\MyApp\SonarqubeS1.jks -Djavax.net.ssl.trustStorePassword="xxxxxxx"
INFO: User cache: C:\Users\Administrator\.sonar\cache
INFO: ------------------------------------------------------------------------
ERROR: SonarQube server [https://sonarqube.abc.com] can not be reached
INFO: EXECUTION FAILURE
INFO: ------------------------------------------------------------------------
INFO: Total time: 0.734s
INFO: Final Memory: 5M/123M
ERROR: Error during SonarScanner execution
INFO: ------------------------------------------------------------------------
org.sonarsource.scanner.api.internal.ScannerException: Unable to execute SonarScanner analysis
        at org.sonarsource.scanner.api.internal.IsolatedLauncherFactory.lambda$createLauncher$0(IsolatedLauncherFactory.java:85)
        at java.security.AccessController.doPrivileged(Native Method)
        at org.sonarsource.scanner.api.internal.IsolatedLauncherFactory.createLauncher(IsolatedLauncherFactory.java:74)
        at org.sonarsource.scanner.api.internal.IsolatedLauncherFactory.createLauncher(IsolatedLauncherFactory.java:70)
        at org.sonarsource.scanner.api.EmbeddedScanner.doStart(EmbeddedScanner.java:185)
        at org.sonarsource.scanner.api.EmbeddedScanner.start(EmbeddedScanner.java:123)
        at org.sonarsource.scanner.cli.Main.execute(Main.java:74)
        at org.sonarsource.scanner.cli.Main.main(Main.java:62)
Caused by: java.lang.IllegalStateException: Fail to get bootstrap index from server
        at org.sonarsource.scanner.api.internal.BootstrapIndexDownloader.getIndex(BootstrapIndexDownloader.java:42)
        at org.sonarsource.scanner.api.internal.JarDownloader.getScannerEngineFiles(JarDownloader.java:58)
        at org.sonarsource.scanner.api.internal.JarDownloader.download(JarDownloader.java:53)
        at org.sonarsource.scanner.api.internal.IsolatedLauncherFactory.lambda$createLauncher$0(IsolatedLauncherFactory.java:76)
        ... 7 more
Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
        at sun.security.ssl.Alert.createSSLException(Alert.java:131)
        at sun.security.ssl.TransportContext.fatal(TransportContext.java:370)
        at sun.security.ssl.TransportContext.fatal(TransportContext.java:313)
        at sun.security.ssl.TransportContext.fatal(TransportContext.java:308)
        at sun.security.ssl.CertificateMessage$T12CertificateConsumer.checkServerCerts(CertificateMessage.java:652)
        at sun.security.ssl.CertificateMessage$T12CertificateConsumer.onCertificate(CertificateMessage.java:471)
        at sun.security.ssl.CertificateMessage$T12CertificateConsumer.consume(CertificateMessage.java:367)
        at sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:376)
        at sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:479)
        at sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:457)
        at sun.security.ssl.TransportContext.dispatch(TransportContext.java:200)
        at sun.security.ssl.SSLTransport.decode(SSLTransport.java:155)
        at sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1320)
        at sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1233)
        at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:417)
        at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:389)
        at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.connection.RealConnection.connectTls(RealConnection.java:336)
        at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.connection.RealConnection.establishProtocol(RealConnection.java:300)
        at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.connection.RealConnection.connect(RealConnection.java:185)
        at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.connection.ExchangeFinder.findConnection(ExchangeFinder.java:224)
        at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.connection.ExchangeFinder.findHealthyConnection(ExchangeFinder.java:108)
        at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.connection.ExchangeFinder.find(ExchangeFinder.java:88)
        at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.connection.Transmitter.newExchange(Transmitter.java:169)
        at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.connection.ConnectInterceptor.intercept(ConnectInterceptor.java:41)
        at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:142)
        at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:117)
        at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.cache.CacheInterceptor.intercept(CacheInterceptor.java:94)
        at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:142)
        at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:117)
        at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http.BridgeInterceptor.intercept(BridgeInterceptor.java:93)
        at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:142)
        at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http.RetryAndFollowUpInterceptor.intercept(RetryAndFollowUpInterceptor.java:88)
        at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:142)
        at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:117)
        at org.sonarsource.scanner.api.internal.shaded.okhttp.RealCall.getResponseWithInterceptorChain(RealCall.java:221)
        at org.sonarsource.scanner.api.internal.shaded.okhttp.RealCall.execute(RealCall.java:81)
        at org.sonarsource.scanner.api.internal.ServerConnection.callUrl(ServerConnection.java:115)
        at org.sonarsource.scanner.api.internal.ServerConnection.downloadString(ServerConnection.java:99)
        at org.sonarsource.scanner.api.internal.BootstrapIndexDownloader.getIndex(BootstrapIndexDownloader.java:39)
        ... 10 more
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
        at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:439)
        at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:306)
        at sun.security.validator.Validator.validate(Validator.java:271)
        at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:312)
        at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:221)
        at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:128)
        at sun.security.ssl.CertificateMessage$T12CertificateConsumer.checkServerCerts(CertificateMessage.java:636)
        ... 44 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
        at sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:141)
        at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:126)
        at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280)
        at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:434)
        ... 50 more
ERROR:
The SonarScanner did not complete successfully
23:11:51.861  Post-processing failed. Exit code: 1
=============================================================

i test run with below parameter have any error below

C:\ExampleCode\MyApp>dotnet sonarscanner begin /k:"dotnetex" /d:sonar.host.url="https://sonarqube.abc.com" /d:sonar.login="a39e2925b3f71974f102dd46cd18183e510fb58f" /d:sonar.clientcert.path=C:\ExampleCode\MyApp\SonarqubeS1.jks /d:sonar.clientcert.password=xxxxxx

SonarScanner for MSBuild 5.11
Using the .NET Core version of the Scanner for MSBuild
Pre-processing started.
Preparing working directories...
22:41:57.471  Updating build integration targets...
Unhandled exception. System.Security.Cryptography.CryptographicException: Cannot find the requested object.
   at System.Security.Cryptography.X509Certificates.CertificatePal.FromBlobOrFile(ReadOnlySpan`1 rawData, String fileName, SafePasswordHandle password, X509KeyStorageFlags keyStorageFlags)
   at System.Security.Cryptography.X509Certificates.X509Certificate..ctor(String fileName, String password, X509KeyStorageFlags keyStorageFlags)
   at SonarScanner.MSBuild.PreProcessor.PreprocessorObjectFactory.CreateHttpClient(String userName, String password, String clientCertPath, String clientCertPassword)
   at SonarScanner.MSBuild.PreProcessor.PreprocessorObjectFactory.CreateSonarWebService(ProcessedArgs args)
   at SonarScanner.MSBuild.PreProcessor.PreProcessor.DoExecute(ProcessedArgs localSettings)
   at SonarScanner.MSBuild.PreProcessor.PreProcessor.Execute(IEnumerable`1 args)
   at SonarScanner.MSBuild.BootstrapperClass.PreProcess()
   at SonarScanner.MSBuild.BootstrapperClass.Execute()
   at SonarScanner.MSBuild.Program.Execute(String[] args, ILogger logger)
   at SonarScanner.MSBuild.Program.Execute(String[] args)
   at SonarScanner.MSBuild.Program.Main(String[] args)
   at SonarScanner.MSBuild.Program.<Main>(String[] args)

Thanks,

Hello,

If your SonarQube instance is available through HTTPS, you must import the complete Certification Chain ; it seems your error comes from a certificate error

HTH

2 Likes

This situation shows that your certificates are not recognized by known authorities. In this case, you need to create another container that includes the .NET and SonarScanner CLI commands with the certificate you generated or own. After creating the new container, use it instead of the default provided one.