SonarQube Server Cannot be reached

I was trying to run the sonar scan from jenkins. I am getting the following error

ERROR: SonarQube server [https://abc.com] can not be reached
INFO: ------------------------------------------------------------------------
INFO: EXECUTION FAILURE INFO: ------------------------------------------------------------------------
INFO: Total time: 0.281s INFO: Final Memory: 4M/128M INFO: ------------------------------------------------------------------------
ERROR: Error during SonarQube Scanner execution
ERROR: Unable to execute SonarQube ERROR: Caused by: Fail to get bootstrap index from server ERROR: Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
ERROR: Caused by: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
ERROR: Caused by: unable to find valid certification path to requested target
ERROR: ERROR: Re-run SonarQube Scanner using the -X switch to enable full debug logging. WARN: Unable to locate ‘report-task.txt’ in the workspace. Did the SonarScanner succedeed? ERROR: SonarQube scanner exited with non-zero code: 1 Finished: FAILURE

I tried importing the certs to default location jre\lib\security\cacerts. It worked at that time. But i had created a custom keystore and passed on path of the keystore along with password in the sonarqube server additional arguments. Also tried passing path of the keystore at the time of build. Result is same.
Jenkins version: 2.166
Can anyone please look into it and let me know.

1 Like

I have a solution for this. Please pass on the -Djavax.net.ssl.trustStore=“keystore location” and -Djavax.net.ssl.trustStorePassword=password in the sonar-scanner.bat file.

1 Like

Hi @Karthik2011, could you please elaborate a bit on how did you import the certs?

I tried importing the certs to default location jre\lib\security\cacerts

Because when I download the sonar-scan here, the JRE shipped with it doesn’t contain keytool. As far as I know, we need keytool to import the certs, right ?

Thanks!

@keegoo. You will find keytool in jre\bin. Use below command to import cert into cacerts

$ keytool -import -trustcacerts -keystore /opt/java/jre/lib/security/cacerts \ -storepass changeit -noprompt -alias mycert -file /tmp/examplecert.crt
3 Likes