[error][SQ] API GET '/api/server/version' failed, error was: {"code":"SELF_SIGNED_CERT_IN_CHAIN"}

Must-share information (formatted with Markdown):
We are using sonarqube version 7.6 and TFS 2018 on which we deployed sonarqube plugin (v4.*).

We are running build via TFS CI from build definition which is,
image

And we are getting an exception as below,

2020-07-10T09:29:27.3369394Z ##[section]Starting: Prepare analysis on SonarQube
2020-07-10T09:29:27.3380602Z ==============================================================================
2020-07-10T09:29:27.3381109Z Task : Prepare Analysis Configuration
2020-07-10T09:29:27.3381507Z Description : Prepare SonarQube analysis configuration
2020-07-10T09:29:27.3381911Z Version : 4.6.3
2020-07-10T09:29:27.3382244Z Author : sonarsource
2020-07-10T09:29:27.3382745Z Help : More Information
2020-07-10T09:29:27.3383241Z ==============================================================================
2020-07-10T09:29:34.3117397Z ##[error][SQ] API GET ‘/api/server/version’ failed, error was: {“code”:“SELF_SIGNED_CERT_IN_CHAIN”}
2020-07-10T09:29:34.3188561Z ##[section]Finishing: Prepare analysis on SonarQube

We have sonarqube server which is over https, certificates has been deployed on java keystore of build machine, we have also tried setting environmental pass value of cacert file to that variable,
We also tried updating certificate in mmc as explained in https://docs.microsoft.com/en-us/dotnet/framework/wcf/feature-details/how-to-view-certificates-with-the-mmc-snap-in

So far no luck, help will be appreciated.

Thanks
Bharat

@ganncamp Hello Ann, It would be great if you suggest some workaround to fix this issue.

Hi @cipher

If you have a proper certificate and its CA/root, you can use the NODE_EXTRA_CA_CERTS environment variable to specify the path to them.

HTH,

Hi @mickaelcaro Yes we have self singed certificate which is internally created, I tried setting system env variable as NODE_EXTRA_CA_CERTS=C:\sonarqube\sonarqube.crt.
But its not working, I also restarted the agent service.

I have also tried to set this cafile in npm , npm config set cafile certpath. setting ssl as false. But none of them are working.

Not sure how it behaves with windows paths though. Can you check maybe setting it between double quotes ?

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.