Invalid custom CA certificate store location in SonarQube 9.9

suprovsky · February 7, 2023, 1:40pm

Hey, so I’m using SonarQube hosted on Docker and I connect to two LDAP servers over SSL/TLS.
In the latest release you have changed the default location of a cacerts file being used for Java processes, meaning if anybody does the upgrade from previous versions, where I did that from 9.8, the installation will fail after the database upgrade.

I believe it would be more beneficial if you’d point the right file in the documentation, as this was what was changed between these two releases:

docker run -d --name sonarqube -v /path/to/your/cacerts.truststore:/usr/lib/jvm/java-11-openjdk/lib/security/cacerts:ro -p 9000:9000 sonarqube

while actual cacerts in the container is /opt/java/openjdk/lib/security/cacerts in 9.9. The old location in 9.8 and earlier was /etc/ssl/certs/java/cacerts.

Colin · February 8, 2023, 7:47am

Hey there.

Thanks a lot for the feedback. We’re checking that the change in paths was intentional and how to best document it if so.

tony.briget · February 9, 2023, 8:38am

Hi @suprovsky,

Thanks a lot for the suggestion! We fixed the path in the example, and the 9.9 LTS documentation now includes a release upgrade note that mentions this change.

Topic		Replies	Views
Enabling LDAPS authentication in Sonarqube 7.9.1 SonarQube Server / Community Build ldap , ssl , authentication	1	915	December 29, 2020
Updating Truststore in latest Scanner Docker Container SonarQube Server / Community Build scanner , docker	3	30	February 17, 2025
Unable to connect Sonarqube with Internal Gitlab server SonarQube Server / Community Build gitlab , ssl	7	3771	April 23, 2021
Can't add cert to latest Scanner CLI Docker image SonarQube Server / Community Build	18	971	January 7, 2025
Sonar to Jenkins via SSL SonarQube Server / Community Build	4	2090	March 19, 2022

Invalid custom CA certificate store location in SonarQube 9.9

Related topics