diff --git a/templates/gitlab-ci-sonar.yml b/templates/gitlab-ci-sonar.yml
index 3d070e45fd39eb9de20498b3dfcce72e6a612271..faa5161fc73bc18931a111f1c8ec045a321a87b8 100644
--- a/templates/gitlab-ci-sonar.yml
+++ b/templates/gitlab-ci-sonar.yml
@@ -431,13 +431,11 @@ sonar:
         export SONAR_TOKEN="$SONAR_AUTH_TOKEN"
       fi
     - |
-      if [[ -z "$CUSTOM_CA_CERTS" ]]
+      if [[ "$CUSTOM_CA_CERTS" ]] || [[ "$DEFAULT_CA_CERTS" ]]
       then
-        log_info '$CUSTOM_CA_CERTS not set: using default keystore'
-      else
-        log_info '$CUSTOM_CA_CERTS variable detected: using writable keystore path (/tmp/writable_keystore)'
+        log_info "Custom CA certificates detected: using custom Java KeyStore"
         export CUSTOM_KEYSTORE_PATH="/tmp/writable_keystore"
-        export CUSTOM_KEYSTORE_PASSWORD="changeit"
+        export CUSTOM_KEYSTORE_PASSWORD=${JAVA_KEYSTORE_PASSWORD:-changeit}
       fi
     - >-
       sonar-scanner ${TRACE+-Dsonar.verbose=true} $java_proxy_args