Sonarlint connected mode gives error on the https/tls certificate validity period

Please provide

  • Operating system: win10
  • SonarLint plugin version: v4.4.2
  • Programming language you’re coding in: C
  • Is connected mode used: yes, but tls certificate check fails
    • Connected to SonarCloud or SonarQube (and which version): sonarcube 10.3

And a thorough description of the problem / question:
When I try to activate the connection to sonarcube server, I enter the https://codescan.xyz.com and press generate token-button. Then I get a popup “SonarLint found untrusted server’s certificate”. Dialog shows validity period incorrectly, valid from date is the expiration date and valid to is the issued on date. If I press “trust” button, I am able to connect to the server.
If I go to the same web server https://codescan.xyz.com with Chrome browser, it accepts the certificate normally and I am able to login. When I review the certificate in Chrome, it is trusted, I see the same fingerprint and issued on/expires on dates are the same as above but are in correct order.
It appears to me the certificate is correct but sonarlint interprets the cert incorrectly. Any advice?

Hello, thanks for reporting this behavior!

It has been fixed by a community contribution and should be released next week with version 4.5.

2 Likes

Hi,
In version 4.4.2 we noticed that certificate verification for telemetry.sonarsource.com mixes up the certificate dates.

from and to are switched, resulting in a pop-up warning
image

Kr,
Raf

1 Like

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.