error observed: Failed to request and parse ‘https://*********/api/server/version’: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. 06:12:39.215 A server certificate could not be validated. Possible cause: you are using a self-signed SS…

Hi @santosh3702 , Welcome to SonarSource community forum. This issue is related to your environment as the error message suggests. Scanner uses your build machine system certificates trust chain to establish HTTPS connections. Possible causes are: You have expired HTTPS certificate for your ****…

That’s actually not entirely true. For example in azure devops pipelines the prepare sonarqube scan task runs in Java afaik, and Java does not load the build machine certificate store on windows, it has it’s own trust store. So if you have sonarqube in your internal domain with a domain-signed certi…

Hi @Rouke.Broersma.IS , In that case, can you please precisely describe what’s your current build machine and SQ instance certificate setup? Can you still verify the certificate from build machine to rule out obvious causes? Are you aware of any changes in your setup that might affect this except …

[image] Rouke.Broersma.IS: For this reason in my company we host all sonarqube instances with a public certificate instead of a domain certificate. We build for example dotnet framework apps on windows build servers using azure devops. Sonarsource provides some build tasks for azure devops to…

I’m sorry, but I’m little confused here. Do you @Rouke.Broersma.IS represent the original case reported by @santosh3702 or are you just contributing to this post as general discussion? I’m not sure if we need to wait for more input from @santosh3702 or not.

Sorry I am not related, I was really only commenting on this part of your reply to the person who started this topic: “Scanner uses your build machine system certificates trust chain to establish HTTPS connections.” I just wanted to make it clear that this is not entirely true and can be a major h…

Hi @santosh3702 , Have you resolved your issues with certificates or do you still need some help?

Hello, i am also having same issue for ms build scanner, other scanners are working as they packaged with thier own java, but Ms Build, not sure where to update certs to make it work. any suggestion here pls ?

Hi @lalitkhatri12 , Can you please describe your build environment and error message in more detail? Is your build machine HTTPS publicly accessible?

Any update on this thread? Otherwise, we’ll close it as being unresponsive.

Unable to add Secure sonar SSL certificates in MS Build Sonar scanner for windows environment

SonarQube Server / Community Build

Andrei_Epure (Andrei Epure) Split this topic December 7, 2020, 3:29pm 12

A post was split to a new topic: Unable to add Secure sonar SSL certificates in MS Build Sonar scanner

Topic		Replies	Views
Unable to add Secure sonar SSL certificates in MS Build Sonar scanner SonarQube Server / Community Build msbuild , scanner , dotnet , ssl	2	3975	December 23, 2020
Failed to validate SSL certificate while running sonarscanner against secured SonarQube server through dockerfile SonarQube Server / Community Build docker , ssl	4	6150	August 24, 2020
Could not create SSL/TLS secure channel issue in Sonarqube 9.6 SonarQube Server / Community Build sonarqube , dotnet	5	789	May 3, 2023
Trusting internal certificate for initiating Sonarqube scan SonarQube Server / Community Build	3	66	July 16, 2025
Sonarscanner fails with HTTPS added to Sonarqube SonarQube Server / Community Build dotnet	7	580	July 4, 2022

Unable to add Secure sonar SSL certificates in MS Build Sonar scanner for windows environment

Related topics