Closed juliusl closed 3 months ago
@juliusl
In my testing, listen on "localhost" or "127.0.0.1" in blobHost both works when client send request to localhost Uri with https. I would suggest you using the default value "127.0.0.1".
Please note, the cert need be aligned with the client request Uri, so if your client send request to "localhost" Uri with https, please make sure you start Azurite with cert signed for "localhost". (If the request send to "127.0.0.1" Uri with https, the cert need be signed for "127.0.0.1")
@blueww I followed the readme instructions which says to use localhost if you use dotnet tool dev-certs
If you used dotnet dev-certs to generate your self-signed certificate, then you need to use the following connection string, because that only generates a cert for localhost, not 127.0.0.1.
I also followed the readme to configure the cert
PFX
Generate PFX Certificate
You first need to generate a PFX file to use with Azurite.
You can use the following command to generate a PFX file with dotnet dev-certs, which is installed with the .NET Core SDK.
dotnet dev-certs https --trust -ep cert.pfx -p
Storage Explorer does not currently work with certificates produced by dotnet dev-certs. While you can use them for Azurite and Azure SDKs, you won't be able to access the Azurite endpoints with Storage Explorer if you are using the certs created with dotnet dev-certs. We are tracking this issue on GitHub here: https://github.com/microsoft/AzureStorageExplorer/issues/2859
Is the readme no longer accurate?
@juliusl I have no problem to setup Azurite with the above configuration, and client use the above connection string can connect to Azurite correctly.
Cert gen with:
"dotnet dev-certs https --trust -ep cert.pfx -p
Connection string: DefaultEndpointsProtocol=https;AccountName=devstoreaccount1;AccountKey=Eby8vdM02xNOcqFlqUwJPLlmEtlCDXJ1OUzFT50uSRZ6IFsuFq2UVErCz4I6tq/K1SZFPTOtr/KBHBeksoGMGw==;BlobEndpoint=https://localhost:10000/devstoreaccount1;QueueEndpoint=https://localhost:10001/devstoreaccount1;
Not sure why you meet the error. From the error log, it looks client not connected to Azurite. Azurite has never received the client request.
This should not related with blobhost setting (in my testing both "localhost" and default "127.0.0.1" works fine).
Could you please check, if you just start Azurite with no cert (so only support http), can the http request send from client on same machine be received by Azurite? If not, it might be related with some of your client network/proxy setting. Do you run client/Azurite on same machine? Or is there any setting on your machine can block request send to 127.0.0.1:10000 be received? If http works, it should be the cert issue. Please make sure you generate cert in the correct way: the cert.pfx has root cert in you machine's trusted root; the cert.pfx should for localhost.
Which service(blob, file, queue, table) does this issue concern?
blob
Which version of the Azurite was used?
3.30 (VS Code)
Where do you get Azurite? (npm, DockerHub, NuGet, Visual Studio Code Extension)
VS Code
What's the Node.js version?
What problem was encountered?
Tried setting 'azurite.blobHost' to 'localhost' instead of 127.0.0.1 so that TLS works.
Steps to reproduce the issue?
VS Code Settings
Logs
Error on Client side:
If possible, please provide the debug log using the -d parameter, replacing \<pathtodebuglog> with an appropriate path for your OS, or review the instructions for docker containers:
Please be sure to remove any PII or sensitive information before sharing!
The debug log will log raw request headers and bodies, so that we can replay these against Azurite using REST and create tests to validate resolution.
Have you found a mitigation/solution?
No