Dotnet sonarqube fail ERROR: SonarQube server cannot be reached

miro · February 1, 2023, 7:23am

Hello,

i try to run sonar scan from dotnet code with below command then i got the error cannot be reached after run dotnet sonarscanner end … how to solve this issue or i miss some parameter of dotnet

dotnet sonarscanner begin /k:"dotnetex" /d:sonar.host.url="https://sonarqube.abc.com" /d:sonar.login="a39e2925b3f71974f102dd46cd18183e510fb58f"
dotnet build
dotnet sonarscanner end /d:sonar.login="a39e2925b3f71974f102dd46cd18183e510fb58f"

===========================================================
C:\ExampleCode\MyApp>dotnet sonarscanner end /d:sonar.login="a39e2925b3f71974f102dd46cd18183e510fb58f"
SonarScanner for MSBuild 5.11
Using the .NET Core version of the Scanner for MSBuild
Post-processing started.
Using the supplied value for SONAR_SCANNER_OPTS. Value: "-Djavax.net.ssl.trustStore=C:\ExampleCode\MyApp\SonarqubeS1.jks -Djavax.net.ssl.trustStorePassword="xxxxxx"
Calling the SonarScanner CLI...
INFO: Scanner configuration file: C:\Users\Administrator\.dotnet\tools\.store\dotnet-sonarscanner\5.11.0\dotnet-sonarscanner\5.11.0\tools\net5.0\any\sonar-scanner-4.8.0.2856\bin\..\conf\sonar-scanner.properties
INFO: Project root configuration file: C:\ExampleCode\MyApp\.sonarqube\out\sonar-project.properties
INFO: SonarScanner 4.8.0.2856
INFO: Java 1.8.0_361 Oracle Corporation (64-bit)
INFO: Windows Server 2022 10.0 amd64
INFO: SONAR_SCANNER_OPTS="-Djavax.net.ssl.trustStore=C:\ExampleCode\MyApp\SonarqubeS1.jks -Djavax.net.ssl.trustStorePassword="xxxxxxx"
INFO: User cache: C:\Users\Administrator\.sonar\cache
INFO: ------------------------------------------------------------------------
ERROR: SonarQube server [https://sonarqube.abc.com] can not be reached
INFO: EXECUTION FAILURE
INFO: ------------------------------------------------------------------------
INFO: Total time: 0.734s
INFO: Final Memory: 5M/123M
ERROR: Error during SonarScanner execution
INFO: ------------------------------------------------------------------------
org.sonarsource.scanner.api.internal.ScannerException: Unable to execute SonarScanner analysis
        at org.sonarsource.scanner.api.internal.IsolatedLauncherFactory.lambda$createLauncher$0(IsolatedLauncherFactory.java:85)
        at java.security.AccessController.doPrivileged(Native Method)
        at org.sonarsource.scanner.api.internal.IsolatedLauncherFactory.createLauncher(IsolatedLauncherFactory.java:74)
        at org.sonarsource.scanner.api.internal.IsolatedLauncherFactory.createLauncher(IsolatedLauncherFactory.java:70)
        at org.sonarsource.scanner.api.EmbeddedScanner.doStart(EmbeddedScanner.java:185)
        at org.sonarsource.scanner.api.EmbeddedScanner.start(EmbeddedScanner.java:123)
        at org.sonarsource.scanner.cli.Main.execute(Main.java:74)
        at org.sonarsource.scanner.cli.Main.main(Main.java:62)
Caused by: java.lang.IllegalStateException: Fail to get bootstrap index from server
        at org.sonarsource.scanner.api.internal.BootstrapIndexDownloader.getIndex(BootstrapIndexDownloader.java:42)
        at org.sonarsource.scanner.api.internal.JarDownloader.getScannerEngineFiles(JarDownloader.java:58)
        at org.sonarsource.scanner.api.internal.JarDownloader.download(JarDownloader.java:53)
        at org.sonarsource.scanner.api.internal.IsolatedLauncherFactory.lambda$createLauncher$0(IsolatedLauncherFactory.java:76)
        ... 7 more
Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
        at sun.security.ssl.Alert.createSSLException(Alert.java:131)
        at sun.security.ssl.TransportContext.fatal(TransportContext.java:370)
        at sun.security.ssl.TransportContext.fatal(TransportContext.java:313)
        at sun.security.ssl.TransportContext.fatal(TransportContext.java:308)
        at sun.security.ssl.CertificateMessage$T12CertificateConsumer.checkServerCerts(CertificateMessage.java:652)
        at sun.security.ssl.CertificateMessage$T12CertificateConsumer.onCertificate(CertificateMessage.java:471)
        at sun.security.ssl.CertificateMessage$T12CertificateConsumer.consume(CertificateMessage.java:367)
        at sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:376)
        at sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:479)
        at sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:457)
        at sun.security.ssl.TransportContext.dispatch(TransportContext.java:200)
        at sun.security.ssl.SSLTransport.decode(SSLTransport.java:155)
        at sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1320)
        at sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1233)
        at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:417)
        at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:389)
        at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.connection.RealConnection.connectTls(RealConnection.java:336)
        at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.connection.RealConnection.establishProtocol(RealConnection.java:300)
        at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.connection.RealConnection.connect(RealConnection.java:185)
        at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.connection.ExchangeFinder.findConnection(ExchangeFinder.java:224)
        at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.connection.ExchangeFinder.findHealthyConnection(ExchangeFinder.java:108)
        at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.connection.ExchangeFinder.find(ExchangeFinder.java:88)
        at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.connection.Transmitter.newExchange(Transmitter.java:169)
        at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.connection.ConnectInterceptor.intercept(ConnectInterceptor.java:41)
        at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:142)
        at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:117)
        at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.cache.CacheInterceptor.intercept(CacheInterceptor.java:94)
        at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:142)
        at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:117)
        at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http.BridgeInterceptor.intercept(BridgeInterceptor.java:93)
        at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:142)
        at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http.RetryAndFollowUpInterceptor.intercept(RetryAndFollowUpInterceptor.java:88)
        at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:142)
        at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:117)
        at org.sonarsource.scanner.api.internal.shaded.okhttp.RealCall.getResponseWithInterceptorChain(RealCall.java:221)
        at org.sonarsource.scanner.api.internal.shaded.okhttp.RealCall.execute(RealCall.java:81)
        at org.sonarsource.scanner.api.internal.ServerConnection.callUrl(ServerConnection.java:115)
        at org.sonarsource.scanner.api.internal.ServerConnection.downloadString(ServerConnection.java:99)
        at org.sonarsource.scanner.api.internal.BootstrapIndexDownloader.getIndex(BootstrapIndexDownloader.java:39)
        ... 10 more
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
        at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:439)
        at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:306)
        at sun.security.validator.Validator.validate(Validator.java:271)
        at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:312)
        at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:221)
        at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:128)
        at sun.security.ssl.CertificateMessage$T12CertificateConsumer.checkServerCerts(CertificateMessage.java:636)
        ... 44 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
        at sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:141)
        at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:126)
        at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280)
        at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:434)
        ... 50 more
ERROR:
The SonarScanner did not complete successfully
23:11:51.861  Post-processing failed. Exit code: 1
=============================================================

i test run with below parameter have any error below

C:\ExampleCode\MyApp>dotnet sonarscanner begin /k:"dotnetex" /d:sonar.host.url="https://sonarqube.abc.com" /d:sonar.login="a39e2925b3f71974f102dd46cd18183e510fb58f" /d:sonar.clientcert.path=C:\ExampleCode\MyApp\SonarqubeS1.jks /d:sonar.clientcert.password=xxxxxx

SonarScanner for MSBuild 5.11
Using the .NET Core version of the Scanner for MSBuild
Pre-processing started.
Preparing working directories...
22:41:57.471  Updating build integration targets...
Unhandled exception. System.Security.Cryptography.CryptographicException: Cannot find the requested object.
   at System.Security.Cryptography.X509Certificates.CertificatePal.FromBlobOrFile(ReadOnlySpan`1 rawData, String fileName, SafePasswordHandle password, X509KeyStorageFlags keyStorageFlags)
   at System.Security.Cryptography.X509Certificates.X509Certificate..ctor(String fileName, String password, X509KeyStorageFlags keyStorageFlags)
   at SonarScanner.MSBuild.PreProcessor.PreprocessorObjectFactory.CreateHttpClient(String userName, String password, String clientCertPath, String clientCertPassword)
   at SonarScanner.MSBuild.PreProcessor.PreprocessorObjectFactory.CreateSonarWebService(ProcessedArgs args)
   at SonarScanner.MSBuild.PreProcessor.PreProcessor.DoExecute(ProcessedArgs localSettings)
   at SonarScanner.MSBuild.PreProcessor.PreProcessor.Execute(IEnumerable`1 args)
   at SonarScanner.MSBuild.BootstrapperClass.PreProcess()
   at SonarScanner.MSBuild.BootstrapperClass.Execute()
   at SonarScanner.MSBuild.Program.Execute(String[] args, ILogger logger)
   at SonarScanner.MSBuild.Program.Execute(String[] args)
   at SonarScanner.MSBuild.Program.Main(String[] args)
   at SonarScanner.MSBuild.Program.<Main>(String[] args)

Thanks,

Mikaciu · February 1, 2023, 12:41pm

Hello,

If your SonarQube instance is available through HTTPS, you must import the complete Certification Chain ; it seems your error comes from a certificate error

HTH