Setup
- Sonar Community Edition Version 10.2.1 (build 78527)
- Sonar is running in Docker.
- Scanner NPM installation 4.2.0
- node version: v20.10.0
- npm version: 10.8.2
- As part of Jenkins pipeline
We use Sonar for analysis of Java and Javascript/Typescript code.
Few weeks ago we changed TLS certificate Authority for our domain example.sk
Using Maven there is no problem with connecting and performing Analysis.
However the connection to Sonar server fails for sonar-scanner when we are trying to analyse the code with …
Server URL: https://sonar.example.sk
Version: 4.2.0 [ERROR] Bootstrapper: Failed to fetch server version:
Error:unable to verify the first certificate
[ERROR] Verify that https://sonar.example.sk is a valid SonarQube server
[ERROR] An error occurred: Error: unable to verify the first certificate
I tried to follow Manage-tls-certificates docs
I added the certificate authority for the instance to java truststore
RUN usr/java21/jdk-21.0.1+12/bin/keytool -import -trustcacerts -noprompt -storepass changeit -alias zerossl-ca -file /tmp/zerossl-ca.cer -keystore /usr/java21/jdk-21.0.1+12/lib/security/cacerts && \
and when troubleshooting I did the same for fullchain certificate file and the instance itself but to no avail.
./sonar-scanner -Dsonar.host.url='https://sonar.example.sk' -Dsonar.scanner.keystorePath='/usr/java21/jdk-21.0.1+12/lib/security/cacerts' -Dsonar.scanner.keystorePassword='my_pass'