SonarQube通过https
我正在尝试将SonarQube与TFS 2013构建集成。SonarQube实例配置为使用https。出于某种原因,TFS尝试联系SonarQube时抛出以下错误:
ERROR: Error during SonarQube Scanner execution <br /> ERROR: Unable to execute SonarQube ERROR: Caused by: Fail to get bootstrap index from server ERROR: Caused by: sun.security.validator.ValidatorException: PKIX path building failed:Sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target ERROR: Caused by: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target ERROR: Caused by: unable to find valid certification path to requested target
我发现了这样的帖子:“ PKIX路径构建失败”和“无法找到到请求目标的有效证书路径”, 并导出了证书,并使用keytool将其导入到Java密钥库中。我仍然遇到相同的错误。似乎sonarQube以某种方式无法从默认的Java密钥库中获取证书。
我尝试手动运行sonar-scanner,并在参数中传递证书信息,但仍然无法获取证书。
C:\SonarScanner\sonar-scanner-3.2.0.1227\bin>sonar-scanner.bat -X -Djavax.net.debug="ssl,handshake" -Djavax.net.ssl.trustStore="C:/Program Files/Java/jre1.8.0_121/lib/security/cacerts" -Djavax.net.ssl.keyStore="C:/Program Files/Java/jre1.8.0_121/lib/security/cacerts"
查看“调试”消息,它没有识别其他参数。
有什么建议么?
设置“ SONAR_SCANNER_OPTS”环境变量-Djavax.net.ssl.trustStore="C:/Program Files/Java/jre1.8.0_121/lib/security/cacerts" -Djavax.net.ssl.keyStore="C:/Program Files/Java/jre1.8.0_121/lib/security/cacerts"对我有用。
现在,调试日志显示它指向环境变量中设置的密钥库。它既可以使用Sonar-Scanner.bat从命令行运行,也可以作为TFS 2013构建的一部分运行。