SSL mutual authentication

Must-share information (formatted with Markdown):

  • which versions are you using (SonarQube, Scanner, Plugin, and any relevant extension) Sonarqube 7.6
  • what are you trying to achieve: Stig the sonarqube application
  • what have you tried so far to achieve this:

Hi,

I’m stigging the sonarqube application. Below is the questions I have to answer. I can’t find any documentation addresses the question below. Please help me with the question.

Heather

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Check Text: Review application server documentation, application data protection requirements, and configuration to ensure the application server provides an SSL mutual authentication capability and the authentication is completed before the connection is fully established.
+++++++++++++++++++++++++++++++++++++++

Hi, the SonarQube documentation is here.

I knew where to find the document and see the document about SSL but unable to the document to address the SSL mutual authentication capability. Can you explain how mutual authentication works in Sonarqube?

Thanks,

Heather

Hi, we gave you a few links about authentication mechanism in SonarQube :

Basically, token, JWT, or delegated Oauth2 authentication. Could you please clarify your question, and tell us why theses answers are not sufficient?

FYI:

MMF-2131 - SonarQube provides DOD-approved Docker images

Target “soon”.

 
:smiley:
Ann

FYI, from SonarQube 8.5 you’ll find new releases in the Iron Bank.

 
:+1:
Ann