:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure

SonarQube Server / Community Build
1

We have the problem when using TLS 1.3 with AzureDevOps Task , our application is JAVA.

- task: SonarQubePrepare@5
        displayName: Prepare SonarQube Analysis
        inputs:
          SonarQube: 'SonarMgmt'
          scannerMode: 'Other'
          extraProperties: |
            sonar.projectKey=$(sonar_project_key)
            sonar.coverage.jacoco.xmlReportPaths=$(build.artifactstagingdirectory)/Code Coverage Report_$(Build.BuildId)/jacoco.xml

error: reason: write EPROTO 140597843173440:error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure:…/deps/openssl/openssl/ssl/record/rec_layer_s3.c:1544:SSL alert number 40

Can you please help on this?

2

Hi,

This isn’t an analysis problem, but a certificate problem, which is a bit beyond our scope. I suggest searching

 
HTH,
Ann

3

Hi @ ganncamp

Thanks for your message, It is not an issue with the certificate, please refer to this issue Error regarding: SSL routines:ssl3_read_bytes:tlsv1 , its the issue with Azure DevOps task task: SonarQubePrepare@5 which has TLS v1.2. Can you please help with this?

4

Hi @ ganncamp

, Please let me know if you could help me on the above issue?

5

Hi,

I’m not sure how you expect me to help you.

I’ve told you what I believe the problem is and given you a pointer. You’ve told me that’s not it. So… obviously you’re better qualified here?

 
Ann

6

Not sure if you have seen the previous ticket I referenced, It already mentioned it’s the issue on Sonar Qube library version issue. We have tested with TLS 1.2 it works, it doesn’t work with TLS 1.3. Can you please seek for help in your team to understand more about this issue in detail

8

Here is additional information to help you with details "The requested security protocol is not supported." -- Azure DevOps task fails after extension update - #32 by kdodge

9

Hi,

Really, what are you expecting from me here?

In your first response to me, you linked to a thread with a different error (yes, it does include ssl3 just like yours, but…). That thread promises a fix for that that user’s problem. So if you believe you have the same problem, then all you have to do is be patient…? Also, that user found a workaround. Did you try it?

The second thread you’ve referred me to is 2y old and ends with a new release that fixes the problem in the thread. Presumably, you’re using a current version, so you already have that fix.

Can you tell me why you’re so certain this isn’t about certificates?

 
Ann

10

It is not a Certificate issue because it works with TLS1.3 If I query the SonarQube endpoints with Curl statement, it has an issue with only TLS 1.3 when using the Azure DevOps task and it clearly shows from all conversations I have shared there was an issue with SonarQube plugin for Azure DevOps task.

I am using the latest version, but the issue still exists as per the latest conversation I have shared. The workaround suggested was for a NodeJs build, we are using a Maven Build. I would like to know what changes we have to do in the Azure DevOps task to make it work.

Can you please check with your team.

11

Hi,

I don’t believe this workaround has anything to do with Maven.

As I said,

The latest release is still the one referred to in that thread.

 
Ann