Colin
August 22, 2025, 9:32am
14
Hm. Can you try one more command?
echo | openssl s_client -connect mysonar.local:443 -showcerts 2>/dev/null | sed -n '/BEGIN/,/END/p' | openssl pkcs12 -export -nokeys -out truststore.p12 -passout pass:changeit
By the way, I saw this morning we have a bug where the SonarScanner for NPM isn’t picking up the deafult truststore location. So keep on specifying -Dsonar.scanner.truststorePath.
Hello @moritzwiechers ,
first of all, sorry for the very late answer. I created 2 tickets for the two additional points that you mentioned at the end of the post:
Support default truststore location
Support noproxyhost
As for the main point you are discussing, we are trying to keep the same requirements as the scanner cli without adding any additional configuration exclusive to the npm scanner. So accepting pem certificates which are only used by the NPM scanner but ignored by the scanner cli…
