Sonarqube-scanner-npm can't download binaries when using truststore for custom ca

victor.diez · August 21, 2025, 12:12pm

first of all, sorry for the very late answer. I created 2 tickets for the two additional points that you mentioned at the end of the post:

Support default truststore location

Support noproxyhost

As for the main point you are discussing, we are trying to keep the same requirements as the scanner cli without adding any additional configuration exclusive to the npm scanner. So accepting pem certificates which are only used by the NPM scanner but ignored by the scanner cli is not something that fits that vision. Keeping this in mind, what would be your preferred solution to simplify the user experience (while keeping the Java truststore as “source of truth” for certs)

Cheers,

Victor

Topic		Replies	Views
Unable to fetch API V2 /analysis/version: Error: unable to verify the first certificate SonarQube Server / Community Build	15	194	August 22, 2025
SSL issues with Sonar Scanner for NPM starting with Version 4.0.0 when using selfsigned certificate SonarQube Server / Community Build sonarqube , scanner , ssl , self-solve , nodejs	15	2144	October 15, 2024
Sonarqube maven plugin and truststores SonarQube Server / Community Build maven , scanner , ssl	3	1452	June 2, 2022
Maven Sonar Scanner 5.0.0.4389 certs issue SonarQube Server / Community Build java , sonarqube , maven , scanner , sonarqube-ide	3	92	April 30, 2025
SonarQube Enterprise Server can not be reached through sonar-scanner SonarQube Server / Community Build sonarqube , scanner	5	682	May 17, 2023

Sonarqube-scanner-npm can't download binaries when using truststore for custom ca

Related topics