errors connecting to sonarqube server built in Azure, unverified host and unable to find certificate path

[caresi...@gmail.com]

0down votefavorite

I have set up sonarqube server on a VM in Azure with Azure sql. A self signed cert was created using IIS. I can connect to the server via a remote browser and after installing the certificate into the Trusted CA I can successfully connect to the server with no warnings. However on running the sonar-scanner.bat from a a remote client, I receive the following error : Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target I followed some guidelines to install the certificate into the Java keystore by exporting the certificate via IE then importing it into the JAVA keychain as below keytool -importcert -file c:\sonarcertnew.cer -keystore keystore.jks -alias "Aliasonar but this then gives another error : Caused by: javax.net.ssl.SSLPeerUnverifiedException: Hostname not verified: So despite exporting the cert and importing into the java keystore still unable to connect. Can anyone advise?

[nicolas...@sonarsource.com]

Hi,

Well first of all I suggest you check the actual contents of your server certificate and make sure that the hostname it declares is indeed the hostname you're contacting via HTTPS.

If needed also make sure to be on latest versions of SonarQube scanners (not to mention SonarQube version you're running) and check your Java version.

In terms of further troubleshooting this on your end, and given that this is purely at the Java/SSL layer, check out this Java documentation: Debugging SSL/TLS Connections . -Djavax.net.debug=all will give you extensive visibility into SSL transactions (use SONAR_SCANNER_OPTS as indicated here ), to further understand this error.

Best regards,

Nicolas