Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

SonarQube can run over HTTPS with both signed or unsigned certificates. The configuration is pretty standard. The information to access the certificate must be declared in the configuation of the web server. JVMs used by the analyzers must know the certificate.

You'll find below an a complete example: from the generation of an SSL Certificate to the configuration of the SonarQube web server and analyzeranalyzers.

Example

Generating the SSL Certificate

Run the following command:

...

For test purpose, here's an example for a local SonarQube server:

Configuring the SonarQube Web Server

Open the SONARQUBE_HOME/conf/sonar.properties file and update it as below:

Code Block
titlesonar.properties
languagehtml/xml
...
# TCP port for incoming HTTP connections. Disabled when value is -1.
sonar.web.port=-1

# TCP port for incoming HTTPS connections. Disabled when value is -1 (default).
sonar.web.https.port=9000

# HTTPS - the alias used to for the server certificate in the keystore.
sonar.web.https.keyAlias=sonartomcat

# HTTPS - the password used to access the server certificate from the
sonar.web.https.keyPass=changeit

# HTTPS - the password used to access the specified keystore file. The default
# value is the value of sonar.web.https.keyPass.
sonar.web.https.keystorePass=changeit

...

 Restart the web server. You should only be able to access the SonarQube server over HTTPS on port 9000.

Configuring the

...

Analyzers