Server certificate verification failed

$ curl -i -u 4364xxxxxx: https://sonarcloud.io/api/ce/task?id=AXJlv7Evb4VcGeMaMYcz
curl: (60) server certificate verification failed. CAfile: /etc/ssl/certs/ca-certificates.crt CRLfile: none
More details here: http://curl.haxx.se/docs/sslcerts.html

curl performs SSL certificate verification by default, using a "bundle"
 of Certificate Authority (CA) public keys (CA certs). If the default
 bundle file isn't adequate, you can specify an alternate file
 using the --cacert option.
If this HTTPS server uses a certificate signed by a CA represented in
 the bundle, the certificate verification probably failed due to a
 problem with the certificate (it might be expired, or the name might
 not match the domain name in the URL).
If you'd like to turn off curl's verification of the certificate, use
 the -k (or --insecure) option.

Hey there.

This seems to be related to this ongoing issue.

I have the same issue In Prepare analysis On SonarCloud step.

##[error]03:57:12.904 Failed to request and parse β€˜https://sonarcloud.io/api/server/version’: The SSL connection could not be established, see inner exception. The remote certificate is invalid according to the validation procedure.
03:57:12.904 Failed to request and parse β€˜https://sonarcloud.io/api/server/version’: The SSL connection could not be established, see inner exception. The remote certificate is invalid according to the validation procedure.
##[error]Unhandled Exception:

##[error]System.Net.WebException: The SSL connection could not be established, see inner exception. The remote certificate is invalid according to the validation procedure. β€”> System.Net.Http.HttpRequestException: The SSL connection could not be established, see inner exception. β€”> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.
at System.Net.Security.SslState.StartSendAuthResetSignal(ProtocolToken message, AsyncProtocolRequest asyncRequest, ExceptionDispatchInfo exception)

Hi @romani, @_ara, I would recommend you upgrade the components involved in the https calls to the latest version.

The issue you are having is caused by this change.

For instance, you could attempt upgrading your curl program version to the latest. This solution has proven working here.

Hi. We’ve regenerated the sonarcloud.io certificate to remove the expired root certificate from it. This should address your issue. Please let me know!
Thanks!

1 Like