Hi,
I have SonarQube developer edition installed within a Docker behind a Reverse proxy (Traefik). We use a self signed certificate. We have also a Gitlab. The HTTPS reverse proxy is working fine for Gitlab and SonarQube.
Versions :
- SonarQube version : 8.6.1.40680
- Gitlab version : 13.8.3 ce
When I’m trying to setup Gitlab authentication following documentation : https://docs.sonarqube.org/latest/analysis/gitlab-integration/
From this forum, I found that I have to add my certificate (.pem file ?) into java truststore.
keytool -import -v -trustcacerts -alias mycompagnycert -file /cert.pem -keystore ${JAVA_HOME}/lib/security/cacerts -noprompt -storepass changeit
No error message here. But I still have this error in docker logs
2021.02.12 13:25:24 WARN web[AXeV3GJms8DgjbSqAABw][o.s.s.a.AuthenticationError] Fail to callback authentication with 'gitlab'
java.lang.IllegalStateException: javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at org.sonar.auth.gitlab.GitLabIdentityProvider.callback(GitLabIdentityProvider.java:104)
at org.sonar.server.authentication.OAuth2CallbackFilter.handleOAuth2Provider(OAuth2CallbackFilter.java:98)
...
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at java.base/sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:439)
I don’t understand what I’m doing wrong ? Any help would be very appreciate
Thank you.