Hello,
I’ve just installed Sonarqube Community 26.3.0.120487 to normally solve my issue: “Security Category”: all is empty !…
Do you have explanations ?
Regards
Hi,
Welcome to the community and thanks for this report!
Could we have a screenshot? You may need to force an ElasticSearch reindex.
Thx,
Ann
Yes I do it (i lost all my plugin, but i will reinstall them). And now i have:
… 
Hi,
I’m a little confused at this point. It seems that you do have the security category?
Ann
…yes, but “empty” 
Hi,
Okay, I see now. At this point I’m a bit suspicious of your install. We’ve got this:
And this Security Category thing looks like a bad Elasticserach index. Again, you might try to force an ElasticSearch reindex.
Ann
I’m trying to explain
I restored all my Plugins (manually) because i reindexed El.Search. Why ? Because the Perm.VolumeClain was deleted…..
Do you have another method to reindex ? Because in my PVC there are all my plugins informations…. (thank’s for your time )
Hi,
Elasticsearch indices and plugins don’t have anything to do with each other. Or they shouldn’t. But the fact that you seem to be having trouble with both makes me suspect underlying problems with your instance. I take it you’re using Docker? How did you perform the upgrade?
Ann
Sonarqube works on K8S cluster and we have ARGO CD to manage the application on platform. To perform an upgrade I change the parameter in the chartHelm file (via Argo-CD interface):
community.buildNumber 26.3.0.120487
And of course replicaCount changes from 0 to 1.
Regards.
Yes, it seems.
The only error is:
2026.03.09 13:20:29 ERROR es[o.e.x.c.s.SSLService] unsupported ciphers [[TLS_RSA_WITH_AES_256_GCM_SHA384, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA]] were requested but cannot be used in this JVM, however there are supported ciphers that will be used [[TLS_AES_256_GCM_SHA384, TLS_AES_128_GCM_SHA256, TLS_CHACHA20_POLY1305_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256, TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA]]. If you are trying to use ciphers with a key length greater than 128 bits on an Oracle JVM, you will need to install the unlimited strength JCE policy files.
2
….
But, do you know how work this “Security Category” ? It fills automatically or with informations somewhere ?
Thank’s for your help…
Regards
Hi,
Is that screenshot from the Rules or the Issues page? (Which one?)
You said something about losing your plugins. I think those categories should be populated from the rules. What shows up on your Rules page for content?
Ann
Hi, thank’s Ann for your time !
My Rules page:
…. In the Security Category: nothing. But at the right side: all is ok: for example here the severity “blocker”:
….. thank’s for your help….
Hi,
I’m looking at the Rules page on our internal server:
Notice that there’s no A6 category here. So it looks like the listings in the category are showing up based on the rules to populate them.
So let’s go back to having “lost” and regained your plugins. How do you know your plugins are properly picked up? Can you share your web.log server log?
Thx,
Ann
hereafter the web.log
sonarqube_web(1).log (244 Bytes)
where is “server.log” ? systemInfo ?
Hi,
There are 2 lines in that web.log. I’m looking for the full log from server startup. As to where, did you check the link I provided?
Ann