Recently we provisioned dev environments with _JAVA_OPTIONS=-Djavax.net.ssl.trustStoreType=Windows-ROOT
This way it is easier to maintain certificates, even if developers have multiple JDKs on their machine (they don’t need to import certificates in the truststore for every JDK).
However, it seems that Jetbrains products are bundled with a minimized JRE, not supporting this type.
For these products we want to provide the jvm option -Djavax.net.ssl.trustStoreType=jks, so it falls back to the default.
However, Sonarlint seems to use the same JRE as IntelliJ, starting a new one, missing these JVM options.
The result is an error:
Caused by: java.security.NoSuchAlgorithmException: Windows-ROOT KeyStore not available.
I’m looking for one of the following options:
a way to overwrite the jvm property javax.net.ssl.trustStoreType
With JBR-3917 being fixed in IntelliJ 2021.3.3 this is not a big issue anymore.
It might still be interesting to be able to provide explicit jvm options, but I don’t have that usecase anymore.
Sorry for the late answer, and thanks for the follow up.
SonarLint currently runs in the same JVM process than Idea, so we can’t customize JVM settings just for SonarLint. We would have to run in a separate process. This is something we are considering, but it would have other concerns.