ARTICLE AD BOX
I am running the SonarScanner CLI and SonarQube in a Docker container each. I use the free version of SonarQube so I have added the cxx sonarqube plugin v2.2.2.
The version of the SonarScanner is 12.1 and SonarQube Docker version is: 26.3.0.120487, the SonarQube server is hosted on a HTTP URL, not HTTPS. However, when I launch the analysis, the community C++ plugin (sonar-cxx) crashes the entire scanner. It attempts to initialize an SSL context to download rules from the server, and fails because it looks for a keystore path that doesn't exist in the scanner container that I choose.
The log is:
09:00:49.879 INFO trust store based on javax.net.ssl not loadable: The value for the system property [javax.net.ssl.keyStore] is absent 09:00:49.892 ERROR Error during SonarScanner Engine execution nl.altindag.ssl.exception.GenericKeyStoreException: java.lang.IllegalArgumentException: Failed to load the keystore from the classpath for the given path: [/usr/lib/jvm/java-21-amazon-corretto.x86_64/lib/security/cacerts] at nl.altindag.ssl.util.KeyStoreUtils.loadKeyStore(KeyStoreUtils.java:91) at nl.altindag.ssl.SSLFactory$Builder.withTrustMaterial(SSLFactory.java:308) at org.sonar.cxx.sensors.utils.SSLContextBuilder.createSSLContext(SSLContextBuilder.java:107) at org.sonar.cxx.sensors.utils.SonarServerWebApi.setServerConfig(SonarServerWebApi.java:174) at org.sonar.cxx.sensors.utils.CxxIssuesReportSensor.downloadRulesFromServer(CxxIssuesReportSensor.java:95) at org.sonar.cxx.sensors.utils.CxxIssuesReportSensor.executeImpl(CxxIssuesReportSensor.java:84) at org.sonar.cxx.sensors.utils.CxxReportSensor.execute(CxxReportSensor.java:101) ... Caused by: java.lang.IllegalArgumentException: Failed to load the keystore from the classpath for the given path: [/usr/lib/jvm/java-21-amazon-corretto.x86_64/lib/security/cacerts] at nl.altindag.ssl.util.internal.ValidationUtils.requireNotNull(ValidationUtils.java:41) at nl.altindag.ssl.util.KeyStoreUtils.loadKeyStore(KeyStoreUtils.java:88) ... 26 common frames omittedThe given path exists in my Docker container /usr/lib/jvm/java-21-amazon-corretto.x86_64/lib/security/cacerts. My sonar.host.url is http://<hostname>:9000, since I cannot perform SSL verification, I tried to install another Java in my Dockerfile image without success or changing the Sonar_scanner_opts to specify cacerts path. I don't understand the error.
Since my server is on HTTP, I do not need SSL verification. Is there a specific property I can add to my sonar-project.properties or SONAR_SCANNER_OPTS to completely disable the SSL context initialization in the sonar-cxx plugin or should I put my SonarQube server in HTTPS?
