- which versions are you using : SonarQube CE 9.9.x (with JRE Temurin-17.0.5+8)
- how is SonarQube deployed : zip
- what are you trying to achieve :
Using “Marketplace” screen and plugins updates
After updating SonarQube CE 9.9.1 to SonarQube CE 9.9.2, the plugins section of the Marketplace screen doesn’t work properly (
and there is a certificate error in the logs :
The same problem occurs with SonarQube CE 9.9.3 and it disappears when we return to version SonarQube CE 9.9.1
What should be done to correct the MarketPlace problem encountered with SonarQube CE 9.9.2 and SonarQube CE 9.9.3 ?
I can reproduce this (with openjdk 17.0.9, for what it’s worth) – 9.9.1 works, but 9.9.3 doesn’t. I’ll flag this for attention.
Do you use any proxy to tunnel your traffic that’s using custom certificates?
If yes, then you’ll need to add those certificates to the truststore of the JVM.
Yes, we use a proxy and company certificates are added to the truststore of the JVM in SonarQube config file :
sonar.web.javaOpts=… - Djavax.net.ssl.trustStore=/…/myfile.jks
It’s the same config file for SonarQube CE 9.9.1, 9.9.2 and 9.9.3. It’s work perfectly with SonarQube CE 9.9.1 but not with 9.9.2 and 9.9.3.
I’m still trying to investigate and reproduce the issue.
I’ll reply here when I have some findings.
Colin said he was able to reproduce the problem. Is it possible to see with him ?
In addition, the myfile.jks file contains my company’s certificates, but not the update.sonarsource.org certificate.