# List of DCE-specific properties SonarQube utilizes system properties during startup, which are not stored in the database. This page lists the configurable system properties that are specific to the Data Center Edition. ## General
All nodes
System property (sonar property and ENVIRONMENT_VARIABLE)DescriptionRequired
sonar.cluster.enabled

Enables the cluster mode. Must be set to true in each node.

Default value: false

yes

sonar.cluster.name

SONAR_CLUSTER_NAME

The name of the cluster. Required if multiple clusters are present on the same network. For example, this prevents mixing Production and Preproduction clusters.

Will be the name stored in the Hazelcast cluster and used as the name of the Elasticsearch cluster.

Default value: sonarqube

Where appropriate

sonar.cluster.node.name

SONAR_CLUSTER_NODE_NAME

The name of the node that is used on Elasticsearch and stored in Hazelcast member attribute (NODE_NAME) for sonar-application.

Default value: sonarqube-<UUID>

yes

sonar.cluster.node.type

SONAR_CLUSTER_NODE_TYPE

Type of node.

Possible values:

• application: node hosting the WebServer process.

• search: node hosting the Elasticsearch process.

yes
Application nodes only
System property (sonar property and ENVIRONMENT_VARIABLE)DescriptionRequired

sonar.cluster.hosts

SONAR_CLUSTER_HOSTS

Comma-delimited list of all application nodes in the cluster.

List item format (the same format for all items):

• Either <nodeIpAddress> (if all ports have the sonar.cluster.node.port default value)

• Or <nodeIpAddress>:<ApplicationPortNumber>

yes
sonar.cluster.node.hostIP address of the current node used by Hazelcast to communicate with the node.yes

sonar.cluster.node.port

SONAR_CLUSTER_NODE_PORT

Port of the current node used by Hazelcast to communicate with the node.

Default value: 9003

yes
sonar.cluster.node.web.port

Port of the current node used by Hazelcast to communicate with the WebServer process on the current node. Port must be accessible to all other application nodes.

If not specified, a dynamic port will be chosen. In that case, all ports must be open among the nodes to ensure inter-node communication.

no
sonar.cluster.node.ce.port

Port of the current node used by Hazelcast to communicate with the Compute Engine process on the current node. Port must be accessible to all other application nodes.

If not specified, a dynamic port will be chosen. In that case, all ports must be open among the nodes to ensure inter-node communication.

no

sonar.cluster.search.hosts

SONAR_CLUSTER_SEARCH_HOSTS

Comma-delimited list of search nodes in the cluster. A search node is described through the IP address and port used for search requests.

List item format (the same format for all items):

• Either <nodeIpAddress> (if all ports have the sonar.cluster.node.port default value and this value has not been overridden in the current node’s configuration file)

• Or <nodeIpAddress>:<searchPortNumber>

<nodeIpAddress> can also be set to the service name of the search containers.

yes

sonar.auth.jwtBase64Hs256Secret

SONAR_AUTH_JWTBASE64HS256SECRET

Required for authentication with multiple web servers. It is used to keep user sessions opened when they are redirected from one web server to another by the load balancer. You must generate a secret for the application nodes (it will be the same for all application nodes).¹yes
1\) See [#jwt-token](https://docs.sonarsource.com/sonarqube-server/data-center-edition/pre-installation#jwt-token "mention").
Search nodes only
System property (sonar property and ENVIRONMENT_VARIABLE)DescriptionRequired
sonar.cluster.node.search.hostElasticsearch host of the current node used for HTTP communication between search and application nodes. IP must be accessible to all application nodes.yes
sonar.cluster.node.search.portElasticsearch port of the current node used for HTTP communication between search and application nodes. Port must be accessible to all application nodes.yes

sonar.cluster.es.hosts

SONAR_CLUSTER_ES_HOSTS

Comma-delimited list of nodes in the Elasticsearch cluster. A node is described through the IP address and port used for internal communication within the Elasticsearch cluster.

List item format (the same format for all items):

• Either <nodeIpAddress> (if all ports have the sonar.cluster.node.port default value and this value has not been overridden in the current node’s configuration file)

• Or <nodeIpAddress>:<esPortNumber>

yes
sonar.cluster.node.es.hostIP address of the current search node used for internal communication within the Elasticsearch cluster. The IP address must be accessible to all other search nodes.yes
sonar.cluster.node.es.portPort of the current search node used for internal communication within the Elasticsearch cluster. The port must be accessible to all other search nodesyes
sonar.search.initialStateTimeout

The timeout for the Elasticsearch nodes to elect a primary node. The default value will be fine in most cases, but in a situation where startup is failing because of a timeout, this may need to be adjusted.

Value format: <integer><timeunit>
where<timeunit> possible values are:

• ms: milliseconds

• s: seconds

• m: minutes

• h: hours

• d: days

• w: weeks

no
## Elasticsearch authentication See also [elasticsearch-security-features](https://docs.sonarsource.com/sonarqube-server/server-installation/data-center-edition/network-security/elasticsearch-security-features "mention").
All nodes
System property (sonar property and ENVIRONMENT_VARIABLE)Description

sonar.cluster.search.password

SONAR_CLUSTER_SEARCH_PASSWORD

Password for Elasticsearch built-in user (elastic) which will be used on client side (for an application node) or set in Elasticsearch (for a search node). If provided, it enables authentication, and for a search node, the instance will require additional properties to be set. If this property is set, the same value must be used on all nodes of the cluster (application and search nodes).
Search nodes
System property (sonar property and ENVIRONMENT_VARIABLE)Description

sonar.cluster.es.ssl.keystore

SONAR_CLUSTER_ES_SSL_KEYSTORE

File path to a keystore in PKCS#12 format¹. The user running SonarQube must have READ permission to that file. Required if password provided.

Can be the same PKCS#12 container as the SONAR_CLUSTER_ES_SSL_TRUSTSTORE.

sonar.cluster.es.ssl.truststore

SONAR_CLUSTER_ES_SSL_TRUSTSTORE

File path to a truststore in PKCS#12 format¹. The user running SonarQube must have READ permission to that file. Required if password provided.

Can be the same PKCS#12 container as the SONAR_CLUSTER_ES_SSL_KEYSTORE.

sonar.cluster.es.ssl.keystorePassword

SONAR_CLUSTER_ES_SSL_KEYSTOREPASSWORD

Password to the keystore.

sonar.cluster.es.ssl.truststorePassword

SONAR_CLUSTER_ES_SSL_TRUSTSTOREPASSWORD

Password to the truststore.
1\) When creating the PKCS#12 container, make sure it is created with an algorithm that is readable by Java 17.
## TLS encryption See also [#tls-encryption](https://docs.sonarsource.com/sonarqube-server/data-center-edition/network-security/elasticsearch-security-features#tls-encryption "mention").
All nodes
System property (sonar property and ENVIRONMENT_VARIABLE)Description

sonar.cluster.es.http.ssl.keystore

SONAR_CLUSTER_ES_HTTP_SSL_KEYSTORE

File path to a keystore in PKCS#12 format¹. The user running SonarQube must have READ permission to that file. If provided, it enables TLS encryption.

sonar.cluster.es.http.ssl.keystorePassword

SONAR_CLUSTER_ES_HTTP_SSL_KEYSTOREPASSWORD

Password to the keystore.
1\) When creating the PKCS#12 container, make sure it is created with an algorithm that is readable by Java 17.
## Related pages * [configuration-methods](https://docs.sonarsource.com/sonarqube-server/server-installation/system-properties/configuration-methods "mention") * [common-properties](https://docs.sonarsource.com/sonarqube-server/server-installation/system-properties/common-properties "mention")