stackoom
  简体   繁体   中英

SonarQube build step fails with “Self-Signed Certificate in Certificate Chain” in Azure DevOps

 原文  2018-11-19 14:37:28       sonarqube/ continuous-integration/ azure-devops

Question

I am currently setting up a build pipeline in Azure DevOps with a self-hosted agent. Everything is working great so far except the SonarQube build steps.

When executing the Prepare SonarQube on my self-hosted agent it fails with the following error: 

2018-11-19T14:14:19.1070144Z ##[debug]organization=null
2018-11-19T14:14:19.1087901Z ##[debug]scannerMode=MSBuild
2018-11-19T14:14:19.1093031Z ##[debug]projectKey=online:kiamservices:main
2018-11-19T14:14:19.1095851Z ##[debug]projectName=Online – KIAM Services
2018-11-19T14:14:19.1098962Z ##[debug]projectVersion=1.0
2018-11-19T14:14:19.1104908Z ##[debug][SQ] API GET: '/api/server/version' with query "undefined"
2018-11-19T14:14:19.2819233Z ##[debug][SQ] API GET '/api/server/version' failed, error was: {"code":"SELF_SIGNED_CERT_IN_CHAIN"}
2018-11-19T14:14:19.2832616Z ##[debug]task result: Failed
2018-11-19T14:14:19.2928009Z ##[error][SQ] API GET '/api/server/version' failed, error was: {"code":"SELF_SIGNED_CERT_IN_CHAIN"}
2018-11-19T14:14:19.2943259Z ##[debug]Processed: ##vso[task.issue type=error;][SQ] API GET '/api/server/version' failed, error was: {"code":"SELF_SIGNED_CERT_IN_CHAIN"}
2018-11-19T14:14:19.2946004Z ##[debug]Processed: ##vso[task.complete result=Failed;][SQ] API GET '/api/server/version' failed, error was: {"code":"SELF_SIGNED_CERT_IN_CHAIN"}
2018-11-19T14:14:19.3015449Z ##[section]Finishing: Prepare SonarQube

If I run the same setup on a microsoft hosted agent it runs just fine.

It is correct that my organization uses it's own Certificate Authority but the certificates are present on the self hosted agent as far as I know.

Is there a way to tell SonarQube to just ignore certificate errors?

I have looked high and low and have sadly not found any information on this error that was even remotely helpful.

Thank you in advance!

1 answers

solution1
 0  2018-11-19 15:07:32

Sonar uses the Java Keystore for its certificate checks. It doesn't look at windows' keystore at all. You'll likely be able to solve this by importing the correct certificates in the JVM's keystore using the keytool utility.

See also:

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Jenkins cannot connect to SonarQube server using HTTPS (HTTP + SSL) with self-signed certificate sonarqube - adding self signed certificate to connect with git Maven sonar plugin: trust self-signed certificate How to export the full certificate chain for SonarQube? Sonarqube ANT build azure devops for SAP Hybris SonarQube Azure Devops Not Authorized How to view the SonarQube full analysis report in the build summary in Azure DevOps? Azure devops build stuck in queue when using sonarqube Azure Devops + Coverlet + SonarQube shows 0% Azure DevOps "Prepare analysis on SonarQube" task fails against our Azure hosted SonarQube server with a Let's Encrypt wildcard cert
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM