sonarqube - adding self signed certificate to connect with git

Question

I have self signed certificate to connect to azure devops server 2019. i have registered the self certificate in git root certificates. now, i want to configure sonarqube to use self signed certificate on the self hosted agent. i tried to register certificate in keystore of java using keytool both at the server and self hosted agent. but no success so far.

Below is the Log sonar Prepare analysis

##[section]Starting: Prepare analysis on SonarQube
==============================================================================
Task         : Prepare Analysis Configuration
Description  : Prepare SonarQube analysis configuration
Version      : 4.8.0
Author       : sonarsource
Help         : [More Information](http://redirect.sonarsource.com/doc/install-configure-scanner-tfs-ts.html)
==============================================================================
SYSTEMVSSCONNECTION exists true
##[warning]Unable to get default branch, defaulting to 'master': Error: unable to get local issuer certificate
[command]D:\Agent-Pools\sonaragent\_work\_tasks\SonarQubePrepare_15b84ca1-b62f-4a2a-a403-89b77a063157\4.8.0\classic-sonar-scanner-msbuild\SonarScanner.MSBuild.exe begin /k:devops-dashboard-core
SonarScanner for MSBuild 4.7.1
Using the .NET Framework version of the Scanner for MSBuild
Pre-processing started.
Preparing working directories...
22:37:00.721  Updating build integration targets...
22:37:00.808  Fetching analysis configuration settings...
22:37:02.839  Provisioning analyzer assemblies for cs...
22:37:02.84  Installing required Roslyn analyzers...
22:37:03.386  Provisioning analyzer assemblies for vbnet...
22:37:03.386  Installing required Roslyn analyzers...
22:37:03.439  Pre-processing succeeded.
##[section]Finishing: Prepare analysis on SonarQube

Answer 1

If you have added the certificate to the agent, then you can set the NODE_EXTRA_CA_CERTS variable to point to your ca cert or cert.

In my case I added the environment variable and set the value to the ca certificate used for signing the certificate.

  - name: NODE_EXTRA_CA_CERTS
    value: /etc/ssl/certs/ca-certificates.crt

Credit goes to Chris Hardie: https://community.sonarsource.com/t/tfs-buid-server-cannot-connect-to-teh-sonarqube-server-over-ssl/1194/3

More information regarding the NODE_EXTRA_CA_CERTS here: https://groups.google.com/forum/#!msg/sonarqube/1W8raF6ZMVM/iFgQhVENAAAJ