Failed to import the sonar.scanner.truststorePath

Hello @boblinn,

Is the path of your truststore correct?
It seems to miss a directory separator (\).

If it is not correct, our error message is probably clear enough as it could due to not finding the file and not about the password.

If it is correct, my guess would be that the password is neither changeit nor sonar.
Are you sure the password is one of these two?

Do I understand correctly that you want to change the password of your truststore to changeit?

If yes, you can achieve this by recreating it with openssl:

openssl pkcs12 -in <old/truststore/path.p12> -out temp.pem -nodes
openssl pkcs12 -export -in temp.pem -out <new/truststore/path.p12> -password pass:changeit

You will be ask for the old truststore password.

Good catch on the Path; the actual path is: “/d:sonar.scanner.truststorePath=C:\Users\boblinn.sonar\ssl\truststore.p12” and it does fail.

I started over having removed Sonar Extension from Visual Studio and leaving the previously installed local SonarServer but trying to access a different SonarServer URL.

Here’s the steps.

The error is shown in step 8 below for the ‘dotnet scanner begin’ step if I use the truststore.p12 OR jn step 10 below for the ‘dotnet scanner end’ step if I do not use the truststore.p12:

SonarQube Server: Version v9.9.8 (build 100196)

Installations steps as per https://docs.sonarsource.com/sonarqube-server/latest/analyzing-source-code/scanners/dotnet/installing/

Step 1. Open a Powershell terminal and navigate to my Visual Studio 2022 solution directory.

Step 2. Download the sonar scanner: “dotnet tool install --global dotnet-sonarscanner”

Result: “Tool ‘dotnet-sonarscanner’ is already installed.”

Step 3. Download and extract .Net Scanner “sonar-scanner-10.1.2.114627-net.zip” from here: https://github.com/SonarSource/sonar-scanner-msbuild/releases/tag/10.1.2.114627

Result: Extracted to folder “C:\SonarQube\sonar-scanner-10.1.2.114627-net”. This is my <INSTALL_DIRECTORY>

Step 4. Update the SonarQube.Analysis.xml file for the “sonar.host.url” and “sonar.token” properties.

Step 5. Add “C:\SonarQube\sonar-scanner-10.1.2.114627-net” to my PATH environment variable.

Add self-signed server certificate as per https://docs.sonarsource.com/sonarqube-server/latest/analyzing-source-code/scanners/scanner-environment/manage-tls-certificates/

Step 6. Create the directory C:\Users\boblinn.sonar\ssl" for the truststore keystore

Step 7. Add the truststore.p12 that I to my “C:\Users\boblinn.sonar\ssl” directory.

Step 8. Run the sonarscanner: If I run the scanner using the truststore.p12 with this Powershell command “dotnet sonarscanner begin /k:”" /d:sonar.host.url=[https://<host_url> /d:sonar.token=“***************” /d:sonar.scanner.scanAll=false /d:sonar.verbose=true" I get the following result.

Result:

SonarScanner for MSBuild 10.1.2

Using the .NET Core version of the Scanner for MSBuild

Default properties file was found at C:\Users\boblinn.dotnet\tools.store\dotnet-sonarscanner\10.1.2\dotnet-sonarscanner\10.1.2\tools\netcoreapp3.1\any\SonarQube.Analysis.xml

Loading analysis properties from C:\Users\boblinn.dotnet\tools.store\dotnet-sonarscanner\10.1.2\dotnet-sonarscanner\10.1.2\tools\netcoreapp3.1\any\SonarQube.Analysis.xml

sonar.verbose=true was specified - setting the log verbosity to ‘Debug’

Pre-processing started.

Preparing working directories…

Using environment variables to determine the download directory…

10:58:04.821 Loading analysis properties from C:\Users\boblinn.dotnet\tools.store\dotnet-sonarscanner\10.1.2\dotnet-sonarscanner\10.1.2\tools\netcoreapp3.1\any\SonarQube.Analysis.xml

10:58:04.848 Server Url: https://<host_url>

10:58:04.848 Api Url: <host_url>/api/v2

10:58:04.848 Is SonarCloud: False

10:58:04.857 No truststore provided; attempting to use the default location.

10:58:04.887 Could not import the truststore ‘C:\Users\boblinn.sonar\ssl\truststore.p12’ with the default password at index 0. Reason: The specified network password is not correct.

10:58:04.894 Could not import the truststore ‘C:\Users\boblinn.sonar\ssl\truststore.p12’ with the default password at index 1. Reason: The specified network password is not correct.

10:58:04.895 Fall back on using the truststore from the default location at C:\Users\boblinn.sonar\ssl\truststore.p12.

10:58:04.903 sonar.verbose=true was specified - setting the log verbosity to ‘Debug’

10:58:04.911 Updating build integration targets…

10:58:04.915 The file SonarQube.Integration.ImportBefore.targets is up to date at C:\Users\boblinn\AppData\Local\Microsoft\MSBuild\4.0\Microsoft.Common.targets\ImportBefore

10:58:04.916 The file SonarQube.Integration.ImportBefore.targets is up to date at C:\Users\boblinn\AppData\Local\Microsoft\MSBuild\10.0\Microsoft.Common.targets\ImportBefore

10:58:04.916 The file SonarQube.Integration.ImportBefore.targets is up to date at C:\Users\boblinn\AppData\Local\Microsoft\MSBuild\11.0\Microsoft.Common.targets\ImportBefore

10:58:04.917 The file SonarQube.Integration.ImportBefore.targets is up to date at C:\Users\boblinn\AppData\Local\Microsoft\MSBuild\12.0\Microsoft.Common.targets\ImportBefore

10:58:04.917 The file SonarQube.Integration.ImportBefore.targets is up to date at C:\Users\boblinn\AppData\Local\Microsoft\MSBuild\14.0\Microsoft.Common.targets\ImportBefore

10:58:04.918 The file SonarQube.Integration.ImportBefore.targets is up to date at C:\Users\boblinn\AppData\Local\Microsoft\MSBuild\15.0\Microsoft.Common.targets\ImportBefore

10:58:04.918 The file SonarQube.Integration.ImportBefore.targets is up to date at C:\Users\boblinn\AppData\Local\Microsoft\MSBuild\Current\Microsoft.Common.targets\ImportBefore

10:58:04.921 Installed SonarQube.Integration.targets to C:\Users\boblinn\source\repos\SEAM\src\SanMar.Azure.FunctionApps.Instrumentation.sonarqube\bin\targets

10:58:04.922 Creating config and output folders…

10:58:04.924 Creating directory: C:\Users\boblinn\source\repos\SEAM\src\SanMar.Azure.FunctionApps.Instrumentation.sonarqube\conf

10:58:04.925 Creating directory: C:\Users\boblinn\source\repos\SEAM\src\SanMar.Azure.FunctionApps.Instrumentation.sonarqube\out

10:58:04.949 Failed to import the sonar.scanner.truststorePath file C:\Users\boblinn.sonar\ssl\truststore.p12: The specified network password is not correct.

Unhandled exception. System.Security.Cryptography.CryptographicException: The specified network password is not correct.

at System.Security.Cryptography.X509Certificates.X509CertificateLoader.ImportPfx(ReadOnlySpan1 data, ReadOnlySpan1 password, X509KeyStorageFlags keyStorageFlags)

at System.Security.Cryptography.X509Certificates.X509CertificateLoader.LoadPkcs12NoLimits(ReadOnlyMemory1 data, ReadOnlySpan1 password, X509KeyStorageFlags keyStorageFlags, X509Certificate2Collection& earlyReturn)

at System.Security.Cryptography.X509Certificates.X509CertificateLoader.LoadPkcs12Collection(ReadOnlyMemory1 data, ReadOnlySpan1 password, X509KeyStorageFlags keyStorageFlags, Pkcs12LoaderLimits loaderLimits)

at System.Security.Cryptography.X509Certificates.X509CertificateLoader.LoadFromFile[T](String path, ReadOnlySpan1 password, X509KeyStorageFlags keyStorageFlags, Pkcs12LoaderLimits loaderLimits, LoadFromFileFunc1 loader)

at System.Security.Cryptography.X509Certificates.X509CertificateLoader.LoadPkcs12CollectionFromFile(String path, ReadOnlySpan`1 password, X509KeyStorageFlags keyStorageFlags, Pkcs12LoaderLimits loaderLimits)

at System.Security.Cryptography.X509Certificates.StorePal.FromBlobOrFile(ReadOnlySpan`1 rawData, String fileName, SafePasswordHandle password, X509KeyStorageFlags keyStorageFlags)

at System.Security.Cryptography.X509Certificates.X509Certificate2Collection.Import(String fileName, String password, X509KeyStorageFlags keyStorageFlags)

at SonarScanner.MSBuild.PreProcessor.WebClientDownloaderBuilder.AddServerCertificate(String serverCertPath, String serverCertPassword)

at SonarScanner.MSBuild.PreProcessor.PreprocessorObjectFactory.g__CreateDownloader|2_0(String baseUrl, <>c__DisplayClass2_0&)

at SonarScanner.MSBuild.PreProcessor.PreprocessorObjectFactory.CreateSonarWebServer(ProcessedArgs args, IDownloader webDownloader, IDownloader apiDownloader)

at SonarScanner.MSBuild.PreProcessor.PreProcessor.DoExecute(ProcessedArgs localSettings)

at SonarScanner.MSBuild.PreProcessor.PreProcessor.Execute(IEnumerable`1 args)

at SonarScanner.MSBuild.BootstrapperClass.PreProcess()

at SonarScanner.MSBuild.BootstrapperClass.Execute()

at SonarScanner.MSBuild.Program.Execute(String args, ILogger logger)

at SonarScanner.MSBuild.Program.Execute(String args)

at SonarScanner.MSBuild.Program.Main(String args)

at SonarScanner.MSBuild.Program.(String args)

Step 8 Run the sonarscanner: If I run the scanner without using the truststore.p12 with this Powershell command “dotnet sonarscanner begin /k:”" /d:sonar.host.url=<host_url> /d:sonar.token=“******************” /d:sonar.scanner.scanAll=false /d:sonar.verbose=true" I get the following result.

Result:

dotnet sonarscanner begin /k:“” /d:sonar.host.url=<host_url> /d:sonar.token=“**********************” /d:sonar.scanner.scanAll=false /d:sonar.verbose=true

SonarScanner for MSBuild 10.1.2

Using the .NET Core version of the Scanner for MSBuild

Default properties file was found at C:\Users\boblinn.dotnet\tools.store\dotnet-sonarscanner\10.1.2\dotnet-sonarscanner\10.1.2\tools\netcoreapp3.1\any\SonarQube.Analysis.xml

Loading analysis properties from C:\Users\boblinn.dotnet\tools.store\dotnet-sonarscanner\10.1.2\dotnet-sonarscanner\10.1.2\tools\netcoreapp3.1\any\SonarQube.Analysis.xml

sonar.verbose=true was specified - setting the log verbosity to ‘Debug’

Pre-processing started.

Preparing working directories…

Using environment variables to determine the download directory…

10:59:39.725 Loading analysis properties from C:\Users\boblinn.dotnet\tools.store\dotnet-sonarscanner\10.1.2\dotnet-sonarscanner\10.1.2\tools\netcoreapp3.1\any\SonarQube.Analysis.xml

10:59:39.748 Server Url: https://sonarqube.corp.sanmar.com

10:59:39.748 Api Url: https://sonarqube.corp.sanmar.com/api/v2

10:59:39.749 Is SonarCloud: False

10:59:39.757 No truststore provided; attempting to use the default location.

10:59:39.759 No truststore found at the default location; proceeding without a truststore.

10:59:39.767 sonar.verbose=true was specified - setting the log verbosity to ‘Debug’

10:59:39.773 Updating build integration targets…

10:59:39.778 The file SonarQube.Integration.ImportBefore.targets is up to date at C:\Users\boblinn\AppData\Local\Microsoft\MSBuild\4.0\Microsoft.Common.targets\ImportBefore

10:59:39.779 The file SonarQube.Integration.ImportBefore.targets is up to date at C:\Users\boblinn\AppData\Local\Microsoft\MSBuild\10.0\Microsoft.Common.targets\ImportBefore

10:59:39.78 The file SonarQube.Integration.ImportBefore.targets is up to date at C:\Users\boblinn\AppData\Local\Microsoft\MSBuild\11.0\Microsoft.Common.targets\ImportBefore

10:59:39.78 The file SonarQube.Integration.ImportBefore.targets is up to date at C:\Users\boblinn\AppData\Local\Microsoft\MSBuild\12.0\Microsoft.Common.targets\ImportBefore

10:59:39.78 The file SonarQube.Integration.ImportBefore.targets is up to date at C:\Users\boblinn\AppData\Local\Microsoft\MSBuild\14.0\Microsoft.Common.targets\ImportBefore

10:59:39.781 The file SonarQube.Integration.ImportBefore.targets is up to date at C:\Users\boblinn\AppData\Local\Microsoft\MSBuild\15.0\Microsoft.Common.targets\ImportBefore

10:59:39.781 The file SonarQube.Integration.ImportBefore.targets is up to date at C:\Users\boblinn\AppData\Local\Microsoft\MSBuild\Current\Microsoft.Common.targets\ImportBefore

10:59:39.784 Installed SonarQube.Integration.targets to C:\Users\boblinn\source\repos\SEAM\src\SanMar.Azure.FunctionApps.Instrumentation.sonarqube\bin\targets

10:59:39.786 Creating config and output folders…

10:59:39.787 Creating directory: C:\Users\boblinn\source\repos\SEAM\src\SanMar.Azure.FunctionApps.Instrumentation.sonarqube\conf

10:59:39.788 Creating directory: C:\Users\boblinn\source\repos\SEAM\src\SanMar.Azure.FunctionApps.Instrumentation.sonarqube\out

10:59:39.816 Downloading from https://<host_url>/api/settings/values?component=unknown)…

10:59:39.968 Response received from <host_url>/api/settings/values?component=unknown…

10:59:39.972 Fetching server version…

10:59:39.981 Downloading from https://<host_url>/api/v2/analysis/version)…

10:59:39.997 Response received from https://<host_url>/api/v2/analysis/version)…

10:59:39.999 Downloading from https://<host_url>/api/v2/analysis/version) failed. Http status code is NotFound.

10:59:40.005 Downloading from https://<host_url>/api/server/version)…

10:59:40.01 Response received from https://<host_url>/api/server/version)…

10:59:40.012 Using SonarQube v9.9.8.100196.

10:59:40.013 Checking if the server version is supported…

10:59:40.016 Checking validity of server license…

10:59:40.017 Downloading from https://<host_url>/api/editions/is_valid_license)…

10:59:40.022 Response received from https://<host_url>/api/editions/is_valid_license)…

10:59:40.05 SonarQube Community Edition detected, license is valid.

10:59:40.053 JreResolver: Resolving JRE path.

10:59:40.054 JreResolver: Skipping Java runtime environment provisioning because this version of SonarQube does not support it.

10:59:40.059 Fetching analysis configuration settings…

10:59:40.065 Fetching properties for project ‘’…

10:59:40.067 Downloading from https://<host_url>/api/settings/values?component=)…

10:59:40.081 Response received from https://<host_url>/api/settings/values?component=)…

10:59:40.098 Downloading from https://<host_url>/api/languages/list)…

10:59:40.104 Response received from https://<host_url>/api/languages/list)…

10:59:40.109 Fetching quality profile for project ‘’…

10:59:40.111 Downloading from https://<host_url>/api/qualityprofiles/search?project=)…

10:59:40.131 Response received from https://<host_url>/api/qualityprofiles/search?project=)…

10:59:40.144 Fetching rules for quality profile ‘AXYfPHPSq4pddKGKBow4’…

10:59:40.145 Downloading from https://<host_url>/api/rules/search?f=repo,name,severity,lang,internalKey,templateKey,params,actives&ps=500&qprofile=AXYfPHPSq4pddKGKBow4&p=1)…

10:59:40.197 Response received from https://<host_url>/api/rules/search?f=repo,name,severity,lang,internalKey,templateKey,params,actives&ps=500&qprofile=AXYfPHPSq4pddKGKBow4&p=1)…

10:59:40.216 Local analyzer cache: C:\Users\boblinn\AppData\Local\Temp.sonarqube\resources

10:59:40.219 Writing Roslyn generated ruleset to C:\Users\boblinn\source\repos\SEAM\src\SanMar.Azure.FunctionApps.Instrumentation.sonarqube\conf\Sonar-cs.ruleset…

10:59:40.248 Writing Roslyn generated ruleset to C:\Users\boblinn\source\repos\SEAM\src\SanMar.Azure.FunctionApps.Instrumentation.sonarqube\conf\Sonar-cs-none.ruleset…

10:59:40.254 Provisioning analyzer assemblies for cs…

10:59:40.255 Installing required Roslyn analyzers…

10:59:40.255 Processing plugin: csharp version 8.51.0.59060

10:59:40.312 Cache hit: using plugin files from C:\Users\boblinn\AppData\Local\Temp.sonarqube\resources\0

10:59:40.32 Writing Roslyn analyzer additional file to C:\Users\boblinn\source\repos\SEAM\src\SanMar.Azure.FunctionApps.Instrumentation.sonarqube\conf\cs\SonarLint.xml…

10:59:40.322 Fetching quality profile for project ‘’…

10:59:40.322 Downloading from https://<host_url>/api/qualityprofiles/search?project=/api/qualityprofiles/search?project=…

10:59:40.349 Response received from https://<host_url>/api/qualityprofiles/search?project=)…

10:59:40.353 Fetching rules for quality profile ‘AXYfPH3Kq4pddKGKBpI8’…

10:59:40.354 Downloading from https://<host_url>/api/rules/search?f=repo,name,severity,lang,internalKey,templateKey,params,actives&ps=500&qprofile=AXYfPH3Kq4pddKGKBpI8&p=1)…

10:59:40.386 Response received from https://<host_url>/api/rules/search?f=repo,name,severity,lang,internalKey,templateKey,params,actives&ps=500&qprofile=AXYfPH3Kq4pddKGKBpI8&p=1)…

10:59:40.395 Local analyzer cache: C:\Users\boblinn\AppData\Local\Temp.sonarqube\resources

10:59:40.397 Writing Roslyn generated ruleset to C:\Users\boblinn\source\repos\SEAM\src\SanMar.Azure.FunctionApps.Instrumentation.sonarqube\conf\Sonar-vbnet.ruleset…

10:59:40.399 Writing Roslyn generated ruleset to C:\Users\boblinn\source\repos\SEAM\src\SanMar.Azure.FunctionApps.Instrumentation.sonarqube\conf\Sonar-vbnet-none.ruleset…

10:59:40.399 Provisioning analyzer assemblies for vbnet…

10:59:40.4 Installing required Roslyn analyzers…

10:59:40.4 Processing plugin: vbnet version 8.51.0.59060

10:59:40.4 Cache hit: using plugin files from C:\Users\boblinn\AppData\Local\Temp.sonarqube\resources\1

10:59:40.401 Writing Roslyn analyzer additional file to C:\Users\boblinn\source\repos\SEAM\src\SanMar.Azure.FunctionApps.Instrumentation.sonarqube\conf\vbnet\SonarLint.xml…

10:59:40.409 Processing analysis cache

10:59:40.415 Incremental PR analysis: Base branch parameter was not provided.

10:59:40.415 Cache data is empty. A full analysis will be performed.

10:59:40.447 Pre-processing succeeded.

Step 9. Run the build: “dotnet build” (using the previous successful scanner)

Result: Build succeeded with 91 warning(s) in 23.5s

Step 10. End the scanner: dotnet sonarscanner end /d:sonar.token=“*******************”

SonarScanner for MSBuild 10.1.2

Using the .NET Core version of the Scanner for MSBuild

Post-processing started.

(list displays the files and issues… ending with)

(Here’s the rest of the failure)

11:09:55.017 Writing processing summary to C:\Users\boblinn\source\repos\SEAM\src\SanMar.Azure.FunctionApps.Instrumentation.sonarqube\out\ProjectInfo.log
Calling the SonarScanner CLI…
Setting environment variable ‘SONAR_SCANNER_OPTS’. Value: -Djavax.net.ssl.trustStoreType=Windows-ROOT -D
Executing file C:\Users\boblinn.dotnet\tools.store\dotnet-sonarscanner\10.1.2\dotnet-sonarscanner\10.1.2\tools\netcoreapp3.1\any\sonar-scanner-5.0.1.3006\bin\sonar-scanner.bat
Args: -Dproject.settings=C:\Users\boblinn\source\repos\SEAM\src\SanMar.Azure.FunctionApps.Instrumentation.sonarqube\out\sonar-project.properties --from=ScannerMSBuild/10.1.2 --debug -Dsonar.scanAllFiles=true
Working directory: C:\Users\boblinn\source\repos\SEAM\src\SanMar.Azure.FunctionApps.Instrumentation
Timeout (ms):-1
Process id: 36168
11:09:55.575 INFO: Scanner configuration file: C:\Users\boblinn.dotnet\tools.store\dotnet-sonarscanner\10.1.2\dotnet-sonarscanner\10.1.2\tools\netcoreapp3.1\any\sonar-scanner-5.0.1.3006\bin..\conf\sonar-scanner.properties
11:09:55.591 INFO: Project root configuration file: C:\Users\boblinn\source\repos\SEAM\src\SanMar.Azure.FunctionApps.Instrumentation.sonarqube\out\sonar-project.properties
11:09:55.623 INFO: SonarScanner 5.0.1.3006
11:09:55.623 INFO: Java 17 Oracle Corporation (64-bit)
11:09:55.623 INFO: Windows 10 10.0 amd64
11:09:55.623 INFO: SONAR_SCANNER_OPTS=-Djavax.net.ssl.trustStoreType=Windows-ROOT -D
11:09:56.101 DEBUG: keyStore is :
11:09:56.101 DEBUG: keyStore type is : pkcs12
11:09:56.101 DEBUG: keyStore provider is :
11:09:56.101 DEBUG: init keystore
11:09:56.117 DEBUG: init keymanager of type SunX509
11:09:56.294 DEBUG: Create: C:\Users\boblinn.sonar\cache
11:09:56.294 INFO: User cache: C:\Users\boblinn.sonar\cache
11:09:56.294 DEBUG: Create: C:\Users\boblinn.sonar\cache_tmp
11:09:56.299 DEBUG: Extract sonar-scanner-api-batch in temp…
11:09:56.301 DEBUG: Get bootstrap index…
11:09:56.301 DEBUG: Download: https://<host_url>/batch/index
11:09:56.464 INFO: ------------------------------------------------------------------------
11:09:56.464 INFO: EXECUTION FAILURE
11:09:56.464 ERROR: SonarQube server [<host_url>] can not be reached
11:09:56.464 INFO: ------------------------------------------------------------------------
11:09:56.464 INFO: Total time: 0.905s
11:09:56.480 INFO: Final Memory: 4M/40M
11:09:56.480 ERROR: Error during SonarScanner execution
11:09:56.480 INFO: ------------------------------------------------------------------------
org.sonarsource.scanner.api.internal.ScannerException: Unable to execute SonarScanner analysis
at org.sonarsource.scanner.api.internal.IsolatedLauncherFactory.lambda$createLauncher$0(IsolatedLauncherFactory.java:85)
at java.base/java.security.AccessController.doPrivileged(AccessController.java:318)
at org.sonarsource.scanner.api.internal.IsolatedLauncherFactory.createLauncher(IsolatedLauncherFactory.java:74)
at org.sonarsource.scanner.api.internal.IsolatedLauncherFactory.createLauncher(IsolatedLauncherFactory.java:70)
at org.sonarsource.scanner.api.EmbeddedScanner.doStart(EmbeddedScanner.java:185)
at org.sonarsource.scanner.api.EmbeddedScanner.start(EmbeddedScanner.java:123)
at org.sonarsource.scanner.cli.Main.execute(Main.java:74)
at org.sonarsource.scanner.cli.Main.main(Main.java:62)
Caused by: java.lang.IllegalStateException: Fail to get bootstrap index from server
at org.sonarsource.scanner.api.internal.BootstrapIndexDownloader.getIndex(BootstrapIndexDownloader.java:42)
at org.sonarsource.scanner.api.internal.JarDownloader.getScannerEngineFiles(JarDownloader.java:58)
at org.sonarsource.scanner.api.internal.JarDownloader.download(JarDownloader.java:53)
at org.sonarsource.scanner.api.internal.IsolatedLauncherFactory.lambda$createLauncher$0(IsolatedLauncherFactory.java:76)
… 7 more
Caused by: javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:131)
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:371)
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:314)
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:309)
at java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.checkServerCerts(CertificateMessage.java:1357)
at java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.onConsumeCertificate(CertificateMessage.java:1232)
at java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.consume(CertificateMessage.java:1175)
at java.base/sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:396)
at java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:480)
at java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:458)
at java.base/sun.security.ssl.TransportContext.dispatch(TransportContext.java:201)
at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:172)
at java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1500)
at java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1415)
at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:450)
at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:421)
at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.connection.RealConnection.connectTls(RealConnection.java:336)
at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.connection.RealConnection.establishProtocol(RealConnection.java:300)
at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.connection.RealConnection.connect(RealConnection.java:185)
at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.connection.ExchangeFinder.findConnection(ExchangeFinder.java:224)
at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.connection.ExchangeFinder.findHealthyConnection(ExchangeFinder.java:108)
at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.connection.ExchangeFinder.find(ExchangeFinder.java:88)
at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.connection.Transmitter.newExchange(Transmitter.java:169)
at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.connection.ConnectInterceptor.intercept(ConnectInterceptor.java:41)
at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:142)
at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:117)
at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.cache.CacheInterceptor.intercept(CacheInterceptor.java:94)
at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:142)
at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:117)
at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http.BridgeInterceptor.intercept(BridgeInterceptor.java:93)
at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:142)
at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http.RetryAndFollowUpInterceptor.intercept(RetryAndFollowUpInterceptor.java:88)
at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:142)
at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:117)
at org.sonarsource.scanner.api.internal.shaded.okhttp.RealCall.getResponseWithInterceptorChain(RealCall.java:221)
at org.sonarsource.scanner.api.internal.shaded.okhttp.RealCall.execute(RealCall.java:81)
at org.sonarsource.scanner.api.internal.ServerConnection.callUrl(ServerConnection.java:115)
at org.sonarsource.scanner.api.internal.ServerConnection.downloadString(ServerConnection.java:99)
at org.sonarsource.scanner.api.internal.BootstrapIndexDownloader.getIndex(BootstrapIndexDownloader.java:39)
… 10 more
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at java.base/sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:439)
at java.base/sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:306)
at java.base/sun.security.validator.Validator.validate(Validator.java:264)
at java.base/sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:231)
at java.base/sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:132)
at java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.checkServerCerts(CertificateMessage.java:1341)
… 44 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at java.base/sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:141)
at java.base/sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:126)
at java.base/java.security.cert.CertPathBuilder.build(CertPathBuilder.java:297)
at java.base/sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:434)
… 49 more
Process returned exit code 1
The SonarScanner did not complete successfully
11:09:56.545 Post-processing failed. Exit code: 1

I resolved this issue.
The correct password is ‘sonarlint’ as specified here: Advanced configuration for Connected Mode and SonarQube for IDE

It seems the Visual Studio 2022 Sonar Extension creates the ‘truststore.p12’ files and sets the password to ‘sonarlint’.

Thank you for pointing this out!

I think there is some discrepancy in our products here.
I will raise this so we can align on the truststore password across all of our products.

Over the weekend we updated to ‘Developer Edition v2025.2 (105476)’ and the dotnet sonarscanner end process now fails with the following error.
Any thoughts or suggestions is appreciated.

10:19:29.746 ERROR: Error during SonarScanner execution
org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'org.sonarsource.scanner.api.internal.IsolatedClassloader@6a192cfe-org.sonar.scanner.bootstrap.ScannerPluginRepository': Unsatisfied dependency expressed through constructor parameter 0: Error creating bean with name 'org.sonarsource.scanner.api.internal.IsolatedClassloader@6a192cfe-org.sonar.scanner.bootstrap.ScannerPluginInstaller': Unsatisfied dependency expressed through constructor parameter 0: Error creating bean with name 'org.sonarsource.scanner.api.internal.IsolatedClassloader@6a192cfe-org.sonar.scanner.bootstrap.PluginFiles': Unsatisfied dependency expressed through constructor parameter 0: Error creating bean with name 'DefaultScannerWsClient' defined in org.sonar.scanner.http.ScannerWsClientProvider: Failed to instantiate [org.sonar.scanner.http.DefaultScannerWsClient]: Factory method 'provide' threw exception with message: Illegal char <       > at index 27: C:Usersboblinn.sonarlintssl      ruststore.p12
        at org.springframework.beans.factory.support.ConstructorResolver.createArgumentArray(ConstructorResolver.java:804)
        at org.springframework.beans.factory.support.ConstructorResolver.autowireConstructor(ConstructorResolver.java:240)
        at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.autowireConstructor(AbstractAutowireCapableBeanFactory.java:1381)
        at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:1218)
        at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:563)
        at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:523)
        at org.springframework.beans.factory.support.AbstractBeanFactory.lambda$doGetBean$0(AbstractBeanFactory.java:336)
        at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:307)
        at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:334)
        at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:199)
        at org.springframework.beans.factory.support.DefaultListableBeanFactory.instantiateSingleton(DefaultListableBeanFactory.java:1122)
        at org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingleton(DefaultListableBeanFactory.java:1093)
        at org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:1030)
        at org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:987)
        at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:627)
        at org.sonar.core.platform.SpringComponentContainer.startComponents(SpringComponentContainer.java:226)
        at org.sonar.core.platform.SpringComponentContainer.execute(SpringComponentContainer.java:206)
        at org.sonar.batch.bootstrapper.Batch.doExecute(Batch.java:73)
        at org.sonar.batch.bootstrapper.Batch.execute(Batch.java:67)
        at org.sonarsource.scanner.api.internal.batch.BatchIsolatedLauncher.execute(BatchIsolatedLauncher.java:46)
        at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
        at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
        at java.base/java.lang.reflect.Method.invoke(Unknown Source)
        at org.sonarsource.scanner.api.internal.IsolatedLauncherProxy.invoke(IsolatedLauncherProxy.java:60)
        at jdk.proxy1/jdk.proxy1.$Proxy0.execute(Unknown Source)
        at org.sonarsource.scanner.api.EmbeddedScanner.doExecute(EmbeddedScanner.java:189)
        at org.sonarsource.scanner.api.EmbeddedScanner.execute(EmbeddedScanner.java:138)
        at org.sonarsource.scanner.cli.Main.execute(Main.java:126)
        at org.sonarsource.scanner.cli.Main.execute(Main.java:81)
        at org.sonarsource.scanner.cli.Main.main(Main.java:62)
Caused by: org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'org.sonarsource.scanner.api.internal.IsolatedClassloader@6a192cfe-org.sonar.scanner.bootstrap.ScannerPluginInstaller': Unsatisfied dependency expressed through constructor parameter 0: Error creating bean with name 'org.sonarsource.scanner.api.internal.IsolatedClassloader@6a192cfe-org.sonar.scanner.bootstrap.PluginFiles': Unsatisfied dependency expressed through constructor parameter 0: Error creating bean with name 'DefaultScannerWsClient' defined in org.sonar.scanner.http.ScannerWsClientProvider: Failed to instantiate [org.sonar.scanner.http.DefaultScannerWsClient]: Factory method 'provide' threw exception with message: Illegal char <    > at index 27: C:Usersboblinn.sonarlintssl      ruststore.p12
        at org.springframework.beans.factory.support.ConstructorResolver.createArgumentArray(ConstructorResolver.java:804)

Hi @boblinn,

If a closer look at the error message

and your truststore doesn’t make the problem clear, please create a new thread.

 
Thx,
Ann

No, unfortunately it does not make the problem clear since the the only change was to the SonarQube server.
The 'dontnet sonarscanner begin command does in fact contact our updated SonarQube Server and does retrieve the rules. The output is “The remote server certificate is trusted by the operating system. Provided truststore was not used.”
However the ‘dotnet sonarscanner end’ fails using the same token, truststore and password.
How should I create a new thread which references / picks up from this thread?

Hi,

I’m asking you to create a new thread at least in part because the error is different.

But if you really feel the need to reference this thread, then simply include the URL in your post.

 
Ann