Uninitialized keystore error in Sonar Gradle Scanner 6+

• Environment: Jenkins (running build on Windows Agent)
• JDK: 21 (Corretto)
• Gradle 8.14
• Sonar Gradle Plugin 6.2.0.5505

Hi,
when running the “sonar” task with the Sonar Gradle Plugin (atleast for version 6+), I get the following keystore error:

org.gradle.api.tasks.TaskExecutionException: Execution failed for task ':sonar'.
at org.gradle.api.internal.tasks.execution.ExecuteActionsTaskExecuter.lambda$executeIfValid$1(ExecuteActionsTaskExecuter.java:130)	
at org.gradle.internal.Try$Failure.ifSuccessfulOrElse(Try.java:293)	
at org.gradle.api.internal.tasks.execution.ExecuteActionsTaskExecuter.executeIfValid(ExecuteActionsTaskExecuter.java:128)
...
Caused by: org.sonarqube.gradle.AnalysisException: nl.altindag.ssl.exception.GenericKeyStoreException: Unable to read truststore from 'D:\dev\.gradle\truststore'	
at org.sonarqube.gradle.SonarTask.run(SonarTask.java:148)	
at jdk.internal.reflect.DirectMethodHandleAccessor.invoke(DirectMethodHandleAccessor.java:103)	
at org.gradle.internal.reflect.JavaMethod.invoke(JavaMethod.java:125)
...
Caused by: nl.altindag.ssl.exception.GenericKeyStoreException: Unable to read truststore from 'D:\dev\.gradle\truststore'	
at org.sonarsource.scanner.lib.internal.http.OkHttpClientFactory.configureSsl(OkHttpClientFactory.java:146)	
at org.sonarsource.scanner.lib.internal.http.OkHttpClientFactory.create(OkHttpClientFactory.java:80)	
at org.sonarsource.scanner.lib.internal.http.ScannerHttpClient.init(ScannerHttpClient.java:52)	
at org.sonarsource.scanner.lib.ScannerEngineBootstrapper.bootstrap(ScannerEngineBootstrapper.java:147)	
at org.sonarqube.gradle.SonarTask.run(SonarTask.java:134)
...
Caused by: java.security.KeyStoreException: Uninitialized keystore	
at org.sonarsource.scanner.lib.internal.http.OkHttpClientFactory.configureSsl(OkHttpClientFactory.java:144)	
at org.sonarsource.scanner.lib.internal.http.OkHttpClientFactory.create(OkHttpClientFactory.java:80)	
at org.sonarsource.scanner.lib.internal.http.ScannerHttpClient.init(ScannerHttpClient.java:52)	
at org.sonarsource.scanner.lib.ScannerEngineBootstrapper.bootstrap(ScannerEngineBootstrapper.java:147)	
at org.sonarqube.gradle.SonarTask.run(SonarTask.java:134)

(Stacktrace is truncated for better readability)

Contrary to the exception above, when checking the truststore using keytool, I could see that the truststore is initialized. This is supported by the fact that other tools, including the Sonar Gradle Plugin up to and including major version 5 can read this truststore without any problems.

I also checked other minor versions of the Sonar Gradle Plugin 6.x, but they all fail with the same KeyStoreException.

Is there any sonar or system property that I might have missed? I tried the workarounds shared in Keystore errors in Sonar Gradle Scanner 6.x and Unable to read truststore error since macOS Sonar Scanner CLI since 7.0.0.4796 - #13 by pdxeng, but they didn’t resolve my issue at hand.

Hey @glu!

Thanks for the report. Can you tell me what version of SonarQube you’re pointing the scanner at?

Hey @Colin,

the SonarQube version is Community Build v25.1.0.102122.

Thanks. I’m not sure what could be causing the issue then. I’ve flagged this for attention, but I suggest continuing to use v5 for now until it gets sorted out!