Full documentation for SonarQube has moved to a new location: http://docs.sonarqube.org/display/SONAR

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 11 Next »

You can run SonarQube over HTTPS either:

  • building a standard reverse proxy infrastructure
  • configuring the SonarQube server that natively support SSL
But you can run SonarQube in a standard HTTPS infrastructure using reverse proxy (in this case the reverse proxy must be configured to set the value "X_FORWARDED_PROTO: https" in each HTTP request header. Without this property, redirection initiated by the SonarQube server will fall back on HTTP).


SonarQube can run over HTTPS with both signed or unsigned certificates. The configuration is pretty standard. The information to access the certificate must be declared in the configuation of the web server. JVMs used by the analyzers must know the certificate.

You'll find below a complete example: from the generation of an SSL Certificate to the configuration of the SonarQube web server and analyzers.

Example

Generating the SSL Certificate

Run the following command:

For test purpose, here's an example for a local SonarQube server:

Configuring the SonarQube Web Server

Open the SONARQUBE_HOME/conf/sonar.properties file and update it as below:

sonar.properties

Restart the web server. You should only be able to access the SonarQube server over HTTPS on port 9000.

Configuring the Analyzers

 

 

  • No labels