Update Center error with SonarQube CE 9.9.2 and 9.9.3

defantia · November 21, 2023, 11:05am

which versions are you using : SonarQube CE 9.9.x (with JRE Temurin-17.0.5+8)
how is SonarQube deployed : zip
what are you trying to achieve :
Using “Marketplace” screen and plugins updates

After updating SonarQube CE 9.9.1 to SonarQube CE 9.9.2, the plugins section of the Marketplace screen doesn’t work properly (

and there is a certificate error in the logs :
Logs_Extract.txt (17.5 KB)
The same problem occurs with SonarQube CE 9.9.3 and it disappears when we return to version SonarQube CE 9.9.1

What should be done to correct the MarketPlace problem encountered with SonarQube CE 9.9.2 and SonarQube CE 9.9.3 ?

Colin · November 21, 2023, 12:47pm

Hey there.

I can reproduce this (with openjdk 17.0.9, for what it’s worth) – 9.9.1 works, but 9.9.3 doesn’t. I’ll flag this for attention.

wojtek.wajerowicz · November 21, 2023, 3:42pm

Hi @defantia,

Do you use any proxy to tunnel your traffic that’s using custom certificates?
If yes, then you’ll need to add those certificates to the truststore of the JVM.

defantia · November 21, 2023, 6:33pm

Yes, we use a proxy and company certificates are added to the truststore of the JVM in SonarQube config file :
sonar.web.javaOpts=… - Djavax.net.ssl.trustStore=/…/myfile.jks
sonar.ce.javaOpts=… -Djavax.net.ssl.trustStore=/…/myfile.jks
sonar.search.javaOpts=… -Djavax.net.ssl.trustStore=/…/myfile.jks

It’s the same config file for SonarQube CE 9.9.1, 9.9.2 and 9.9.3. It’s work perfectly with SonarQube CE 9.9.1 but not with 9.9.2 and 9.9.3.

wojtek.wajerowicz · November 27, 2023, 9:04am

I’m still trying to investigate and reproduce the issue.
I’ll reply here when I have some findings.

defantia · November 29, 2023, 8:51pm

Hi,
Colin said he was able to reproduce the problem. Is it possible to see with him ?

In addition, the myfile.jks file contains my company’s certificates, but not the update.sonarsource.org certificate.

defantia · December 12, 2023, 11:04am

Hi,
I solved the problem by adding the *.sonarsource.org and Gandi Standard SSL CA 2 certificates to the truststore of the JVM (in my case, the myfile.jks file) and now the plugins section of the Marketplace screen works correctly in SonarQube CE 9.9.3.

defantia · December 19, 2023, 9:35am

Hi,
There have been some changes on the SonarQube update site and I had to replace the certificates in my previous answer by the certificats :

ISRG Root X1
update.sonarsource.org
Starfield Services Root Certificate Authority - G2
binaries.sonarsource.com

system · December 26, 2023, 9:36am

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Sonar to Jenkins via SSL SonarQube Server / Community Build	4	2090	March 19, 2022
Sonarqube Upgrade from 8.5.1 to Higher Version Failed SonarQube Server / Community Build ssl	1	783	March 18, 2021
[SonarQube Developer edition] Error in Integrating SonarQube with github enterprise SonarQube Server / Community Build sonarqube	5	244	April 3, 2024
Sonarqube 9.9.0.65466 doesn't show the plugin list SonarQube Server / Community Build sonarqube	4	875	February 7, 2023
Invalid custom CA certificate store location in SonarQube 9.9 SonarQube Server / Community Build	2	741	February 9, 2023

Update Center error with SonarQube CE 9.9.2 and 9.9.3

Related topics