Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 23 Next »

There are two ways to run SonarQube over HTTPS:

  • By building a standard reverse proxy infrastructure
  • By configuring the SonarQube server that natively supports SSL (since version 4.0)

Building a Standard Reverse Proxy Infrastructure

The reverse proxy must be configured to set the value "X_FORWARDED_PROTO: https" in each HTTP request header.

Without this property, redirection initiated by the SonarQube server will fall back on HTTP.

Configuring the SonarQube Server that Natively Supports SSL

The configuration is pretty standard. The information to access the certificate must be provided in the configuration of the web server.

Here's a simple example:

Generating the SSL Certificate

Generate a RSA certificate

Run the following command:

It adds the certificate to USER_HOME/.keystore

Using an existing SSL certificate


The name attribute value will be used for sonar.web.https.keyAlias

The export password you have entered should be specify for sonar.web.https.keyPass

Then copy your myserver.p12 file in a secure place (e.g. /opt/sonar/conf) and configure SonarQube to use it :


Configuring the SonarQube Web Server

Open the SONARQUBE_HOME/conf/ file and update it as below:

Restart the web server. You should now only be able to access the SonarQube server over HTTPS on port 8999.

Running an Analysis

Update the settings of your analyzer (SONARQUBE_HOME/conf/ for SonarQube Runner or settings.xml for Maven...):

Analyze one of your projects to check that it works fine.


  • No labels