Sonar Lint manage Connection Failed VS 2022

FM197 · December 10, 2024, 9:08am

If your question is about SonarLint in the IntelliJ Platform, VS Code, Visual Studio, or Eclipse, please post it in that sub-category.

Otherwise, please provide:

Operating system:
Windows 10 entreprise
Visual Studio version: 17.11.6
SonarLint plugin version: SonarLint. 8.8.0.11278

Programming language you’re coding in: C#

IDE name and flavor/env:

And a thorough description of the problem / question:

I can not add manage connection with token authentication without any errors
options: SonarCloud

log Error:
[SharedBindingConfigProvider] The .sonarlint shared folder was not found
[SLCore.Http] Received server trust verification request…
[CertificateChainValidator] Certificate validation failed for the following reason(s):
[CertificateChainValidator] RevocationStatusUnknown: The revocation function was unable to check revocation for the certificate.

[SLCore.Http] Server verification result: False
[SharedBindingConfigProvider] The .sonarlint shared folder was not found

Miroslav_Ostojic · February 14, 2025, 8:42am

I have the same issue and haven’t found the solution yet. Did you get anywhere with this?

nicolas.quinquenel · February 14, 2025, 9:05am

Hello, sorry for the late reply on this. We are looking into this.

@Miroslav_Ostojic, could you please share the SonarQube for IDE logs with us? This would help us investigate the problem. It would be great to also know about your SonarQube for IDE version, thanks!

Miroslav_Ostojic · February 14, 2025, 11:00am

Thanks Nicolas

Here are some logs:
Initializing security package…
Finished initializing security package.
[SLCore > Http] Received server trust verification request…
[CertificateChainValidator] Certificate validation failed for the following reason(s):
[CertificateChainValidator] RevocationStatusUnknown: The revocation function was unable to check revocation for the certificate.

[SLCore > Http] Server verification result: False
[ThreadId 388] [SLCore > Http] Received server trust verification request…
[DEBUG] [ThreadId 388] [CertificateChainValidator] Validating certificate: [Subject]
CN=sonarcloud.io

[Issuer]
CN=SSL-SG1-GLOBAL, OU=Operations, O=Cloud Services, C=US

[Serial Number]
4243534ED870ECEABF619FD30000000006A7B788

[Not Before]
03/02/2025 01.00.00

[Not After]
06/03/2026 00.59.59

[Thumbprint]
4003E13BA048BBCCF0551E58D748E53BB3167BBB

[DEBUG] [ThreadId 388] [CertificateChainValidator] Using chain certificate: [Subject]
CN=sonarcloud.io

[Issuer]
CN=SSL-SG1-GLOBAL, OU=Operations, O=Cloud Services, C=US

[Serial Number]
4243534ED870ECEABF619FD30000000006A7B788

[Not Before]
03/02/2025 01.00.00

[Not After]
06/03/2026 00.59.59

[Thumbprint]
4003E13BA048BBCCF0551E58D748E53BB3167BBB

[DEBUG] [ThreadId 388] [CertificateChainValidator] Using chain certificate: [Subject]
CN=sonarcloud.io

[Issuer]
CN=SSL-SG1-GLOBAL, OU=Operations, O=Cloud Services, C=US

[Serial Number]
4243534ED870ECEABF619FD30000000006A7B788

[Not Before]
03/02/2025 01.00.00

[Not After]
06/03/2026 00.59.59

[Thumbprint]
4003E13BA048BBCCF0551E58D748E53BB3167BBB

[ThreadId 388] [CertificateChainValidator] Certificate validation failed for the following reason(s):
[ThreadId 388] [CertificateChainValidator] RevocationStatusUnknown: The revocation function was unable to check revocation for the certificate.

[ThreadId 388] [SLCore > Http] Server verification result: False
[DEBUG] [ThreadId 104] [SLCore] [sonarlint > httpclient-dispatch-6] Request failed
[DEBUG] [ThreadId 104] [SLCore] [sonarlint > httpclient-dispatch-6] javax.net.ssl.SSLHandshakeException: The certificate chain is not trusted
at java.base/sun.security.ssl.Alert.createSSLException(Unknown Source)
at java.base/sun.security.ssl.TransportContext.fatal(Unknown Source)
at java.base/sun.security.ssl.TransportContext.fatal(Unknown Source)
at java.base/sun.security.ssl.TransportContext.fatal(Unknown Source)
at java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.checkServerCerts(Unknown Source)
at java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.onConsumeCertificate(Unknown Source)
at java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.consume(Unknown Source)
at java.base/sun.security.ssl.SSLHandshake.consume(Unknown Source)
at java.base/sun.security.ssl.HandshakeContext.dispatch(Unknown Source)
at java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask$DelegatedAction.run(Unknown Source)
at java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask$DelegatedAction.run(Unknown Source)
at java.base/java.security.AccessController.doPrivileged(Unknown Source)
at java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask.run(Unknown Source)
at org.apache.hc.core5.reactor.ssl.SSLIOSession.doRunTask(SSLIOSession.java:343)
at org.apache.hc.core5.reactor.ssl.SSLIOSession.doHandshake(SSLIOSession.java:414)
at org.apache.hc.core5.reactor.ssl.SSLIOSession.access$100(SSLIOSession.java:74)
at org.apache.hc.core5.reactor.ssl.SSLIOSession$1.inputReady(SSLIOSession.java:201)
at org.apache.hc.core5.reactor.InternalDataChannel.onIOEvent(InternalDataChannel.java:143)
at org.apache.hc.core5.reactor.InternalChannel.handleIOEvent(InternalChannel.java:51)
at org.apache.hc.core5.reactor.SingleCoreIOReactor.processEvents(SingleCoreIOReactor.java:176)
at org.apache.hc.core5.reactor.SingleCoreIOReactor.doExecute(SingleCoreIOReactor.java:125)
at org.apache.hc.core5.reactor.AbstractSingleCoreIOReactor.execute(AbstractSingleCoreIOReactor.java:92)
at org.apache.hc.core5.reactor.IOReactorWorker.run(IOReactorWorker.java:44)
at java.base/java.lang.Thread.run(Unknown Source)
Caused by: java.security.cert.CertificateException: The certificate chain is not trusted
at nl.altindag.ssl.trustmanager.CombinableX509TrustManager.checkTrusted(CombinableX509TrustManager.java:61)
at nl.altindag.ssl.trustmanager.AggregatedX509ExtendedTrustManager.checkServerTrusted(AggregatedX509ExtendedTrustManager.java:91)
… 20 more
Suppressed: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at java.base/sun.security.validator.PKIXValidator.doBuild(Unknown Source)
at java.base/sun.security.validator.PKIXValidator.engineValidate(Unknown Source)
at java.base/sun.security.validator.Validator.validate(Unknown Source)
at java.base/sun.security.ssl.X509TrustManagerImpl.checkTrusted(Unknown Source)
at java.base/sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source)
at nl.altindag.ssl.trustmanager.DelegatingX509ExtendedTrustManager.checkServerTrusted(DelegatingX509ExtendedTrustManager.java:53)
at nl.altindag.ssl.trustmanager.AggregatedX509ExtendedTrustManager.lambda$checkServerTrusted$5(AggregatedX509ExtendedTrustManager.java:91)
at nl.altindag.ssl.trustmanager.CombinableX509TrustManager.checkTrusted(CombinableX509TrustManager.java:41)
… 21 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at java.base/sun.security.provider.certpath.SunCertPathBuilder.build(Unknown Source)
at java.base/sun.security.provider.certpath.SunCertPathBuilder.engineBuild(Unknown Source)
at java.base/java.security.cert.CertPathBuilder.build(Unknown Source)
… 29 more
Suppressed: java.security.cert.CertificateException: No X509ExtendedTrustManager implementation available
at nl.altindag.ssl.trustmanager.DummyX509ExtendedTrustManager.checkServerTrusted(DummyX509ExtendedTrustManager.java:69)
at nl.altindag.ssl.trustmanager.DelegatingX509ExtendedTrustManager.checkServerTrusted(DelegatingX509ExtendedTrustManager.java:53)
at nl.altindag.ssl.trustmanager.HotSwappableX509ExtendedTrustManager.lambda$checkServerTrusted$2(HotSwappableX509ExtendedTrustManager.java:71)
at nl.altindag.ssl.trustmanager.HotSwappableX509ExtendedTrustManager.checkTrusted(HotSwappableX509ExtendedTrustManager.java:92)
at nl.altindag.ssl.trustmanager.HotSwappableX509ExtendedTrustManager.checkServerTrusted(HotSwappableX509ExtendedTrustManager.java:71)
at nl.altindag.ssl.trustmanager.InflatableX509ExtendedTrustManager.lambda$checkServerTrusted$4(InflatableX509ExtendedTrustManager.java:119)
at nl.altindag.ssl.trustmanager.InflatableX509ExtendedTrustManager.checkTrusted(InflatableX509ExtendedTrustManager.java:150)
at nl.altindag.ssl.trustmanager.InflatableX509ExtendedTrustManager.checkServerTrusted(InflatableX509ExtendedTrustManager.java:119)
at nl.altindag.ssl.trustmanager.AggregatedX509ExtendedTrustManager.lambda$checkServerTrusted$5(AggregatedX509ExtendedTrustManager.java:91)
at nl.altindag.ssl.trustmanager.CombinableX509TrustManager.checkTrusted(CombinableX509TrustManager.java:41)
… 21 more

[DEBUG] [ThreadId 104] [SLCore] [sonarlint > SonarLint Server RPC request executor] GET https://sonarcloud.io/api/system/status javax.net.ssl.SSLHandshakeException: The certificate chain is not trusted | failed after 301ms

gabriela.trutan · February 21, 2025, 11:48am

Hello @FM197 and @Miroslav_Ostojic,

Both problems seem to be with verifying the server certificate. Please follow the steps as described in the Advanced configuration section of the Sonar Qube for IDE documentation.

rene1 · February 24, 2025, 10:02am

I had the exact same problem and what fixed it for me is setting the Path in Tools->Options->SonarQube for Visual Studio->General->Java Home from the built in JRE to my installe JDK (in my case: C:\Program Files\Amazon Corretto\jdk17.0.14_7). After this I restarted the IDE and then it worked. Hope this helps

alexvaccaro · March 13, 2025, 5:01pm

Hi, facing a similar issue as described above when trying to setup a connection to SonarCube Cloud, these are my logs

[ThreadId 372] [SLCore > Http] Received server trust verification request...
[DEBUG] [ThreadId 372] [CertificateChainValidator] Validating certificate: [Subject]
  CN=sonarcloud.io, OU=Bitglass Inc, O=Bitglass Inc, L=Campbell, S=CA, C=US

[Issuer]
  CN=BG_SEProxy_CA, OU=Bitglass Inc, O=Bitglass Inc, L=Campbell, S=CA, C=US

[Serial Number]
  542F61A60C74704515D21513D973639D957474AB

[Not Before]
  12/03/2025 12:02:55

[Not After]
  11/06/2025 13:02:55

[Thumbprint]
  602D3CB99A2C4E23D5A517DB13954F5033C062B9

[ThreadId 372] [CertificateChainValidator] Certificate validation failed for the following reason(s):
[ThreadId 372] [CertificateChainValidator] RevocationStatusUnknown: The revocation function was unable to check revocation for the certificate.

[ThreadId 372] [SLCore > Http] Server verification result: False
[DEBUG] [ThreadId 340] [SLCore] [sonarlint > httpclient-dispatch-2] Request failed
[DEBUG] [ThreadId 340] [SLCore] [sonarlint > httpclient-dispatch-2] javax.net.ssl.SSLHandshakeException: The certificate chain is not trusted
	at java.base/sun.security.ssl.Alert.createSSLException(Unknown Source)
	at java.base/sun.security.ssl.TransportContext.fatal(Unknown Source)
	at java.base/sun.security.ssl.TransportContext.fatal(Unknown Source)
	at java.base/sun.security.ssl.TransportContext.fatal(Unknown Source)
	at java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.checkServerCerts(Unknown Source)
	at java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.onConsumeCertificate(Unknown Source)
	at java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.consume(Unknown Source)
	at java.base/sun.security.ssl.SSLHandshake.consume(Unknown Source)
	at java.base/sun.security.ssl.HandshakeContext.dispatch(Unknown Source)
	at java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask$DelegatedAction.run(Unknown Source)
	at java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask$DelegatedAction.run(Unknown Source)
	at java.base/java.security.AccessController.doPrivileged(Unknown Source)
	at java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask.run(Unknown Source)
	at org.apache.hc.core5.reactor.ssl.SSLIOSession.doRunTask(SSLIOSession.java:343)
	at org.apache.hc.core5.reactor.ssl.SSLIOSession.doHandshake(SSLIOSession.java:414)
	at org.apache.hc.core5.reactor.ssl.SSLIOSession.access$100(SSLIOSession.java:74)
	at org.apache.hc.core5.reactor.ssl.SSLIOSession$1.inputReady(SSLIOSession.java:201)
	at org.apache.hc.core5.reactor.InternalDataChannel.onIOEvent(InternalDataChannel.java:143)
	at org.apache.hc.core5.reactor.InternalChannel.handleIOEvent(InternalChannel.java:51)
	at org.apache.hc.core5.reactor.SingleCoreIOReactor.processEvents(SingleCoreIOReactor.java:176)
	at org.apache.hc.core5.reactor.SingleCoreIOReactor.doExecute(SingleCoreIOReactor.java:125)
	at org.apache.hc.core5.reactor.AbstractSingleCoreIOReactor.execute(AbstractSingleCoreIOReactor.java:92)
	at org.apache.hc.core5.reactor.IOReactorWorker.run(IOReactorWorker.java:44)
	at java.base/java.lang.Thread.run(Unknown Source)
Caused by: java.security.cert.CertificateException: The certificate chain is not trusted
	at nl.altindag.ssl.trustmanager.CombinableX509TrustManager.checkTrusted(CombinableX509TrustManager.java:61)
	at nl.altindag.ssl.trustmanager.AggregatedX509ExtendedTrustManager.checkServerTrusted(AggregatedX509ExtendedTrustManager.java:91)
	... 20 more
	Suppressed: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
		at java.base/sun.security.validator.PKIXValidator.doBuild(Unknown Source)
		at java.base/sun.security.validator.PKIXValidator.engineValidate(Unknown Source)
		at java.base/sun.security.validator.Validator.validate(Unknown Source)
		at java.base/sun.security.ssl.X509TrustManagerImpl.checkTrusted(Unknown Source)
		at java.base/sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source)
		at nl.altindag.ssl.trustmanager.DelegatingX509ExtendedTrustManager.checkServerTrusted(DelegatingX509ExtendedTrustManager.java:53)
		at nl.altindag.ssl.trustmanager.AggregatedX509ExtendedTrustManager.lambda$checkServerTrusted$5(AggregatedX509ExtendedTrustManager.java:91)
		at nl.altindag.ssl.trustmanager.CombinableX509TrustManager.checkTrusted(CombinableX509TrustManager.java:41)
		... 21 more
	Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
		at java.base/sun.security.provider.certpath.SunCertPathBuilder.build(Unknown Source)
		at java.base/sun.security.provider.certpath.SunCertPathBuilder.engineBuild(Unknown Source)
		at java.base/java.security.cert.CertPathBuilder.build(Unknown Source)
		... 29 more
	Suppressed: java.security.cert.CertificateException: No X509ExtendedTrustManager implementation available
		at nl.altindag.ssl.trustmanager.DummyX509ExtendedTrustManager.checkServerTrusted(DummyX509ExtendedTrustManager.java:69)
		at nl.altindag.ssl.trustmanager.DelegatingX509ExtendedTrustManager.checkServerTrusted(DelegatingX509ExtendedTrustManager.java:53)
		at nl.altindag.ssl.trustmanager.HotSwappableX509ExtendedTrustManager.lambda$checkServerTrusted$2(HotSwappableX509ExtendedTrustManager.java:71)
		at nl.altindag.ssl.trustmanager.HotSwappableX509ExtendedTrustManager.checkTrusted(HotSwappableX509ExtendedTrustManager.java:92)
		at nl.altindag.ssl.trustmanager.HotSwappableX509ExtendedTrustManager.checkServerTrusted(HotSwappableX509ExtendedTrustManager.java:71)
		at nl.altindag.ssl.trustmanager.InflatableX509ExtendedTrustManager.lambda$checkServerTrusted$4(InflatableX509ExtendedTrustManager.java:119)
		at nl.altindag.ssl.trustmanager.InflatableX509ExtendedTrustManager.checkTrusted(InflatableX509ExtendedTrustManager.java:150)
		at nl.altindag.ssl.trustmanager.InflatableX509ExtendedTrustManager.checkServerTrusted(InflatableX509ExtendedTrustManager.java:119)
		at nl.altindag.ssl.trustmanager.AggregatedX509ExtendedTrustManager.lambda$checkServerTrusted$5(AggregatedX509ExtendedTrustManager.java:91)
		at nl.altindag.ssl.trustmanager.CombinableX509TrustManager.checkTrusted(CombinableX509TrustManager.java:41)
		... 21 more

[DEBUG] [ThreadId 340] [SLCore] [sonarlint > SonarLint Server RPC request executor] GET https://sonarcloud.io/api/system/status javax.net.ssl.SSLHandshakeException: The certificate chain is not trusted | failed after 590ms
[ThreadId 1] [Shared Binding] The shared binding configuration file was not found and will not be used. Probed path: not found

I have read Advanced configuration for Connected Mode and SonarQube for IDE but I don’t find it clear - I assume it’s aimed at users using a instance of SonarCube on the local networks with a custime sll certificate rather than users of SonarCube Cloud .

Colin · March 14, 2025, 8:15am

Hey @alexvaccaro

We face a similar issue internally with our security software, requiring us to add the Root CA certificate used for traffic inspection (for us, Fortinet. For you, Forcepoint?) to the Java keystore as documented. This is true even for connecting with hosted services like SonarQube Cloud.

It’s likely that your security/IT team has this cert documented internally.

Topic		Replies	Views
Can't connect Visual Studio SonarLint to SonarQube: Validating the connection failed Visual Studio sonarqube , visualstudio , sonarqube-ide	27	777	December 26, 2024
SonarLint does not respect the certificates added in the IntelliJ's keystore IntelliJ Platform intellij , connected_mode , ssl , sonarqube-ide	3	3934	April 10, 2020
SonarQube SharedBindingConfigProvider problem Visual Studio sonarqube , visualstudio	12	126	February 27, 2025
Getting error in visual studio 2022 for connect sonar lint Visual Studio	4	248	December 5, 2024
Having Issue while connecting SonarQube using Sonarlint for VS Visual Studio	15	1430	December 7, 2022

Sonar Lint manage Connection Failed VS 2022

Related topics