Hello,
I’m using SonarQube 8.4.1 developer edition together with SonarLint 5.3 for Eclipse C++ (version 2019.9). The SonarQube server is configured to only allow https connections. If I try to bind the Eclipse project with the SonarQube server project I always get the following exceptions:
Starting SonarLint for Eclipse 5.3.0.19940
Fail to request https://xxx.yyy.zzz/sonarqube/api/system/status
java.lang.IllegalStateException: Fail to request https://xxx.yyy.zzz/sonarqube/api/system/status
at org.sonarsource.sonarlint.core.util.ws.HttpConnector.doCall(HttpConnector.java:196)
at org.sonarsource.sonarlint.core.util.ws.HttpConnector.get(HttpConnector.java:122)
at org.sonarsource.sonarlint.core.util.ws.HttpConnector.call(HttpConnector.java:109)
at org.sonarsource.sonarlint.core.container.connected.SonarLintWsClient.rawGet(SonarLintWsClient.java:120)
at org.sonarsource.sonarlint.core.container.connected.SonarLintWsClient.get(SonarLintWsClient.java:85)
at org.sonarsource.sonarlint.core.container.connected.validate.ServerVersionAndStatusChecker.lambda$fetchServerInfos$0(ServerVersionAndStatusChecker.java:97)
at org.sonarsource.sonarlint.core.container.connected.SonarLintWsClient.processTimed(SonarLintWsClient.java:226)
at org.sonarsource.sonarlint.core.container.connected.validate.ServerVersionAndStatusChecker.fetchServerInfos(ServerVersionAndStatusChecker.java:96)
at org.sonarsource.sonarlint.core.container.connected.validate.ServerVersionAndStatusChecker.checkVersionAndStatus(ServerVersionAndStatusChecker.java:60)
at org.sonarsource.sonarlint.core.container.connected.validate.ServerVersionAndStatusChecker.checkVersionAndStatus(ServerVersionAndStatusChecker.java:50)
at org.sonarsource.sonarlint.core.WsHelperImpl.validateConnection(WsHelperImpl.java:65)
at org.sonarsource.sonarlint.core.WsHelperImpl.validateConnection(WsHelperImpl.java:58)
at org.sonarlint.eclipse.core.internal.engine.connected.ConnectedEngineFacade.testConnection(ConnectedEngineFacade.java:421)
at org.sonarlint.eclipse.ui.internal.binding.wizard.connection.ServerConnectionTestJob.run(ServerConnectionTestJob.java:53)
at org.eclipse.jface.operation.ModalContext$ModalContextThread.run(ModalContext.java:122)
Caused by: javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:131)
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:320)
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:263)
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:258)
at java.base/sun.security.ssl.CertificateMessage$T12CertificateConsumer.checkServerCerts(CertificateMessage.java:641)
at java.base/sun.security.ssl.CertificateMessage$T12CertificateConsumer.onCertificate(CertificateMessage.java:460)
at java.base/sun.security.ssl.CertificateMessage$T12CertificateConsumer.consume(CertificateMessage.java:360)
at java.base/sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:392)
at java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:443)
at java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:421)
at java.base/sun.security.ssl.TransportContext.dispatch(TransportContext.java:177)
at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:164)
at java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1180)
at java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1091)
at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:402)
at org.sonarsource.sonarlint.shaded.okhttp3.internal.connection.RealConnection.connectTls(RealConnection.java:336)
at org.sonarsource.sonarlint.shaded.okhttp3.internal.connection.RealConnection.establishProtocol(RealConnection.java:300)
at org.sonarsource.sonarlint.shaded.okhttp3.internal.connection.RealConnection.connect(RealConnection.java:185)
at org.sonarsource.sonarlint.shaded.okhttp3.internal.connection.ExchangeFinder.findConnection(ExchangeFinder.java:224)
at org.sonarsource.sonarlint.shaded.okhttp3.internal.connection.ExchangeFinder.findHealthyConnection(ExchangeFinder.java:108)
at org.sonarsource.sonarlint.shaded.okhttp3.internal.connection.ExchangeFinder.find(ExchangeFinder.java:88)
at org.sonarsource.sonarlint.shaded.okhttp3.internal.connection.Transmitter.newExchange(Transmitter.java:169)
at org.sonarsource.sonarlint.shaded.okhttp3.internal.connection.ConnectInterceptor.intercept(ConnectInterceptor.java:41)
at org.sonarsource.sonarlint.shaded.okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:142)
at org.sonarsource.sonarlint.shaded.okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:117)
at org.sonarsource.sonarlint.shaded.okhttp3.internal.cache.CacheInterceptor.intercept(CacheInterceptor.java:94)
at org.sonarsource.sonarlint.shaded.okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:142)
at org.sonarsource.sonarlint.shaded.okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:117)
at org.sonarsource.sonarlint.shaded.okhttp3.internal.http.BridgeInterceptor.intercept(BridgeInterceptor.java:93)
at org.sonarsource.sonarlint.shaded.okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:142)
at org.sonarsource.sonarlint.shaded.okhttp3.internal.http.RetryAndFollowUpInterceptor.intercept(RetryAndFollowUpInterceptor.java:88)
at org.sonarsource.sonarlint.shaded.okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:142)
at org.sonarsource.sonarlint.shaded.okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:117)
at org.sonarsource.sonarlint.shaded.okhttp3.RealCall.getResponseWithInterceptorChain(RealCall.java:221)
at org.sonarsource.sonarlint.shaded.okhttp3.RealCall.execute(RealCall.java:81)
at org.sonarsource.sonarlint.core.util.ws.HttpConnector.doCall(HttpConnector.java:194)
… 14 more
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at java.base/sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:384)
at java.base/sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:289)
at java.base/sun.security.validator.Validator.validate(Validator.java:264)
at java.base/sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:313)
at java.base/sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:222)
at java.base/sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:129)
at java.base/sun.security.ssl.CertificateMessage$T12CertificateConsumer.checkServerCerts(CertificateMessage.java:625)
… 45 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at java.base/sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:141)
at java.base/sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:126)
at java.base/java.security.cert.CertPathBuilder.build(CertPathBuilder.java:297)
at java.base/sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:379)
… 51 more
I already tried to define -Djavax.net.ssl.trustStore in the eclipse.ini file but that didn’t fix the problem. Is there any way to tell the plugin to use a specific trust store?