Afternoon,
I’m testing version 10.7.0 of SonarQube with version 2022 of Azure DevOps Server, leveraging v7.* of the Azure DevOps Server SonarQube (SonarScanner) extension.
I have the “Integrate with .NET” option selected in the Prepare Analysis Step, and the “Use JAVA_HOME” set on the JDK version source for analysis.
The relevant certificate (.cer / .crt) has been added to the cacerts store for Zulu JDK 17 (C:\Program Files\Zulu\zulu-17\lib\security\cacerts).
JAVA and JAVA_HOME environment variables have been set on the Virtual Machine to C:\Program Files\Zulu\Zulu-17.
When running our scans this is failing with the error “PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target”, and shows “INFO: Java 17.0.11 Eclipse Adoptium (64-bit)” as being leveraged as the Java source.
However, when the exact same build is pointed to version 9.9.3 of SonarQube. The output shows “INFO: Java 17.0.11 Azul Systems, Inc. (64-bit)”, the above error does not appear and the scan is successfully pushed.
Are there additional configurations I need to do in order for our Zulu Java installation to be leveraged as part of scanning using v10.7.0? Please can you help to resolve this issue I am experiencing?
Cheers,
Tom