Unable to connect to SonarQube after renew/installing expiring cert

  • SonarQube version 7.9.4 LTS

After installing the cert unable to connect to SonarQube. Per the logs SonarQube is up.

sonar.log

After installing the SonarQube cert not able to connect to UI. Per the sonar.log the service is up:
```
2022.02.09 16:18:35 INFO  app[][o.s.a.SchedulerImpl] Process[ce] is up
2022.02.09 16:18:35 INFO  app[][o.s.a.SchedulerImpl] SonarQube is up
```

web.log

```
2022.02.09 16:18:06 DEBUG web[][o.s.s.p.ServerLifecycleNotifier] Notify ServerStartHandler handlers...
2022.02.09 16:18:06 INFO  web[][o.s.s.p.p.PlatformLevelStartup] Running Community Edition
2022.02.09 16:18:06 DEBUG web[][o.s.s.p.ServerLifecycleNotifier] Notify ServerStopHandler handlers...
2022.02.09 16:18:06 INFO  web[][o.s.s.p.Platform] WebServer is operational
2022.02.09 16:18:06 DEBUG web[][o.s.s.p.Platform] Background initialization of SonarQube done
```

ce.log

```
2022.02.09 16:18:24 INFO  ce[][o.s.c.c.CePluginRepository] Load plugins
2022.02.09 16:18:33 DEBUG ce[][o.s.c.i.DefaultI18n] Loaded 2708 properties from l10n bundles
2022.02.09 16:18:35 DEBUG ce[][o.s.c.h.CeHttpServer] System Info HTTP server listening at http://127.0.0.1:60814
2022.02.09 16:18:35 INFO  ce[][o.s.c.c.ComputeEngineContainerImpl] Running Community edition
2022.02.09 16:18:35 DEBUG ce[][o.s.s.p.ServerLifecycleNotifier] Notify ServerStartHandler handlers...
2022.02.09 16:18:35 DEBUG ce[][o.s.s.p.ServerLifecycleNotifier] Notify ServerStopHandler handlers...
2022.02.09 16:18:35 INFO  ce[][o.s.ce.app.CeServer] Compute Engine is operational
```

Need help to resolve this issue.

Thanks in advance,
Dana

Hi @danas :wave:

First, your version is past EOL. You should upgrade to either the latest version or the current LTS at your earliest convenience. Your upgrade path is:

7.9.4 → 8.9.7 → 9.3 (last step optional)

You may find the Upgrade Guide and the LTS-to-LTS Upgrade Notes helpful. If you have questions about upgrading, feel free to open a new thread for that here.

To your original question: can you describe your setup a little more? SonarQube has not had native TLS support for some time, so I guess the error is in your reverse proxy configuration, but I would also like to have a more detailed description of the problem you are facing so I can check for errors more precisely.

NONCONFIDENTIAL // EXTERNAL


Hi Tobias,

Thank you for the response.

I installed the certificate on the SonarQube Web Site, using IIS Manager. I select the site, click on Bindings, select add, select https, verify the binding is to port 443, select the certificate, and click on OK. Then I got the following message:

The binding’*443:’ is assigned to another site. If you assign the same binding to this site, you will only be able to start one of the sites. Are you sure that you want to add this duplicate binding?

I removed the old binding and bound the new cert, and that was successful.

I restarted SonarQube; per the sonar.log the app is started, but I am not able to access it through the browser.

The sonar analysis jobs are failing with the following error:

[ERROR] Failed to execute goal org.sonarsource.scanner.maven:sonar-maven-plugin:3.6.0.1398:sonar (default-cli) on project DeviceManagementSonar: Unable to execute SonarQube: Fail to get bootstrap index from server: Failed to connect to xxxxx.org/10.51.55.208:9443: Connection refused (Connection refused) → [Help 1]

[ERROR]

Please let me know if you need more details.

Thanks in advance,

Dana


Okay, so this does indeed sound more like a problem with your reverse proxy (IIS in this case). Can you check if SonarQube is reachable under the IP/FQDN that is listed in the log snippet?

I am able to ping the IP.

Ping does not give any details about services or even open ports, as ICMP (per RFC 792) does not use any ports.

So can you please check that SonarQube is reachable under the IP/FQDN that is listed in your log snippet?

It is not reachable with the FQDN.

Okay, so as I originally thought, you need to debug why this is the case in your reverse proxy configuration. Sadly, I cannot really help you with your reverse proxy configuration, as I am no expert with IIS. To me, this looks as if, after the setup of the new certificate, the reverse proxy is no longer serving SonarQube, while SonarQube itself has no issues.

:white_check_mark: scanner —> :x: IIS :x: —> SonarQube :white_check_mark:

The scanner can only work if it has access to the configured SonarQube instance or SonarCloud.

Thanks Tobias. I will need to look into that.
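The thread's point that a successful ping says nothing about a listening service can be checked from the scanner host with a TCP and TLS probe. This is an added example, not code from any participant in the thread; the function names and the host `sonarqube.example.org` are placeholders, while ports 443 and 9443 are the ones mentioned in the posts.

```python
import socket
import ssl


def tcp_state(host, port, timeout=3.0):
    """Classify a TCP connect attempt; ICMP ping cannot tell these cases apart."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except ConnectionRefusedError:
        return "refused"       # host answered, but nothing listens on this port
    except socket.timeout:
        return "filtered"      # no answer: packet dropped by a firewall or host down
    except socket.gaierror:
        return "dns-failure"   # the name did not resolve
    except OSError as exc:
        return f"error: {exc.strerror or exc}"


def tls_state(host, port, timeout=3.0):
    """Handshake with normal verification so a bad or expired cert is reported."""
    ctx = ssl.create_default_context()
    try:
        with socket.create_connection((host, port), timeout=timeout) as raw:
            with ctx.wrap_socket(raw, server_hostname=host) as tls:
                return "tls-ok, cert notAfter=" + tls.getpeercert()["notAfter"]
    except ssl.SSLCertVerificationError as exc:
        return "cert-rejected: " + exc.verify_message
    except (ssl.SSLError, OSError) as exc:
        return f"handshake-failed: {exc}"


def diagnose(host, ports, timeout=3.0):
    """Return {port: verdict}; the TLS check runs only where TCP is open."""
    report = {}
    for port in ports:
        state = tcp_state(host, port, timeout)
        report[port] = tls_state(host, port, timeout) if state == "open" else state
    return report


if __name__ == "__main__":
    # Placeholder host; 443 is the IIS binding, 9443 the port in the scanner error.
    for port, verdict in diagnose("sonarqube.example.org", [443, 9443]).items():
        print(port, verdict)
```

A `refused` verdict on 9443 matches the scanner's "Connection refused" and means no listener is bound there, which points at the proxy binding rather than at the certificate itself.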