Hello,
we’re getting the following error when we do sonar scan using Maven with the following command:
mvn sonar:sonar -Dsonar.projectKey= **{** args.sonarProjectKey **}** -Dsonar.projectName= { args.sonarProjectKey } -Dsonar.host.url= **{** this.sonarURL **}** -DskipTests=true -Dsonar.login= { token }
The certificate is a self-signed cert and it’s signed by a self-signed CA that is already trusted in /etc/pki/java/cacerts (default path for java keystore on RH)
Maven is already doing the build on the same server and downloading source from a git server that is exposing same self signed cert
we’re already tested sonar plugin versions from 3.2 to 3.7, but all of those have the same problem
[ERROR] Failed to execute goal org.sonarsource.scanner.maven:sonar-maven-plugin:3.2:sonar (default-cli) on project cb-springbootdemo: Unable to load component class org.sonar.scanner.bootstrap.ScannerPluginInstaller: Unable to load component class org.sonar.scanner.bootstrap.PluginFiles: Unable to load component class org.sonar.scanner.bootstrap.GlobalConfiguration: Unable to load component class org.sonar.scanner.bootstrap.GlobalServerSettings: Fail to request https://sonar.pp.mycloud.internal/api/settings/values.protobuf: Hostname sonar.pp.mycloud.internal not verified:
[ERROR] certificate: sha256/Lgazfh9EyHEx06ThOKK4qjv785z/+BFfetrbtrbyrDUcsM=
[ERROR] DN: EMAILADDRESS=myname@mydomain.com, CN=sonar.pp.mycloud.internal, OU=myOU, O=myO, L=myCity, ST=myCityTitle, C=IT
[ERROR] subjectAltNames:
[ERROR] -> [Help 1]
with verbose enabled we get the following output more:
Caused by: javax.net.ssl.SSLPeerUnverifiedException: Hostname sonar.pp.mycloud.internal not verified:
certificate: sha256/Lgazfh9EyHEx06ThOKK4qjv785z/dddddFqddddddddUcsM=
DN: EMAILADDRESS=myname@mydomain.com, CN=sonar.pp.mycloud.internal, OU=myOU, O=myO, L=myCity, ST=myCityTitle, C=IT
subjectAltNames:
at okhttp3.internal.connection.RealConnection.connectTls(RealConnection.java:350)
at okhttp3.internal.connection.RealConnection.establishProtocol(RealConnection.java:300)
at okhttp3.internal.connection.RealConnection.connect(RealConnection.java:185)
at okhttp3.internal.connection.ExchangeFinder.findConnection(ExchangeFinder.java:224)
at okhttp3.internal.connection.ExchangeFinder.findHealthyConnection(ExchangeFinder.java:107)
at okhttp3.internal.connection.ExchangeFinder.find(ExchangeFinder.java:87)
at okhttp3.internal.connection.Transmitter.newExchange(Transmitter.java:162)
at okhttp3.internal.connection.ConnectInterceptor.intercept(ConnectInterceptor.java:41)
at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:142)
at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:117)
at okhttp3.internal.cache.CacheInterceptor.intercept(CacheInterceptor.java:94)
at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:142)
at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:117)
at okhttp3.internal.http.BridgeInterceptor.intercept(BridgeInterceptor.java:93)
at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:142)
at okhttp3.internal.http.RetryAndFollowUpInterceptor.intercept(RetryAndFollowUpInterceptor.java:88)
at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:142)
at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:117)
at okhttp3.RealCall.getResponseWithInterceptorChain(RealCall.java:221)
at okhttp3.RealCall.execute(RealCall.java:81)
at org.sonarqube.ws.client.HttpConnector.doCall(HttpConnector.java:199)
… 116 more