问题
When running the SonarQube task on the Windows Hosted Agent I get this error right away.
[error][SQ] API GET '/api/server/version' failed, error was: {"code":"UNABLE_TO_VERIFY_LEAF_SIGNATURE"}
The error is apparently related to what's discussed in this Let's Encrypt signing explanation.
Using the info on that page as a guide and in an attempt to fix the problem I've created a predecessor task in the DevOps job to add to the Java keystore on the DevOps Agent box all the certs in the chain up from our wildcard to the issuer (including cross-signers). I'm able to do that but I still get the error from the follow-on Sonar task.
When I invoke curl against the /api/server/version endpoint from the Agent I get the error "curl: (60) SSL certificate problem: unable to get local issuer certificate".
It's my understanding that the Sonar task would rely on the Java keystore but that curl doesn't. That makes it seem like for both apps to work, I need to add these trusted certs in 2 places but I haven't found even one them. Can anyone guide me to instructions for resolving this issue?
Dave
UPDATE: Realizing that the "problem" cert might be helpful. You can get it here link
来源:https://stackoverflow.com/questions/55303439/azure-devops-prepare-analysis-on-sonarqube-task-fails-against-our-azure-hosted