Java – Maven sonar plugin: trust self-signed certificate

javamavenself-signedsonarqube

I try to launch maven sonar:sonar to a SonarQube instance on HTTPS connection with a self-signed certificate. Maven give me this error:

[ERROR] Failed to execute goal
org.sonarsource.scanner.maven:sonar-maven-plugin:3.4.0.905:sonar
(default-cli) on project data.model: Unable to execute SonarQube: Fail
to get bootstrap index from server:
sun.security.validator.ValidatorException: PKIX path building failed:
sun.security.provider.certpath.SunCertPathBuilderException: unable to
find valid certification path to requested target -> [Help 1]

Best Answer

You can import the server certificate in your truststore:

keytool -import -v -trustcacerts -alias mySonarServer -file sonarServer.crt -keystore cacerts

Where cacerts is the one from the JRE installation.

For `localhost` only

Simply paste this in your chrome:

chrome://flags/#allow-insecure-localhost

You should see highlighted text saying: Allow invalid certificates for resources loaded from localhost

Click Enable.

-OR-

Try typing: thisisunsafe anywhere on the window and the browser *should* let you visit the page.[link]

Java – Resolving javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed Error

You need to add the certificate for App2 to the truststore file of the used JVM located at %JAVA_HOME%\lib\security\cacerts.

First you can check if your certificate is already in the truststore by running the following command: keytool -list -keystore "%JAVA_HOME%/jre/lib/security/cacerts" (you don't need to provide a password)

If your certificate is missing, you can get it by downloading it with your browser and add it to the truststore with the following command:

keytool -import -noprompt -trustcacerts -alias <AliasName> -file <certificate> -keystore <KeystoreFile> -storepass <Password>

Example:
keytool -import -noprompt -trustcacerts -alias myFancyAlias -file /path/to/my/cert/myCert.cer -keystore /path/to/my/jdk/jre/lib/security/cacerts/keystore.jks -storepass changeit

After import you can run the first command again to check if your certificate was added.

Sun/Oracle information can be found here.

Best Answer

Related Solutions

Google-chrome – Getting Chrome to accept self-signed localhost certificate

For localhost only

Java – Resolving javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed Error

Related Topic

For `localhost` only