search

microsoft / AzureStorageExplorer

Easily manage the contents of your storage account with Azure Storage Explorer. Upload, download, and manage blobs, files, queues, tables, and Cosmos DB entities. Gain easy access to manage your virtual machine disks. Work with either Azure Resource Manager or classic storage accounts, plus manage and configure cross-origin resource sharing (CORS) rules.
Creative Commons Attribution 4.0 International
365 stars 85 forks source link

Not able to connect from HTTPS #7961

Open Raghurrn123 opened 1 month ago

Raghurrn123 commented 1 month ago

Preflight Checklist

Storage Explorer Version

1.34.0

Regression From

No response

Architecture

i86

Storage Explorer Build Number

No response

Platform

All

OS Version

Ubuntu 24.04 and 22.04

Bug Description

I am not able to connect local storage from another system using HTTPs. after apply SAS key also showing error

Unable to retrieve child resources

ProducerError:{ "name": "FetchError", "message": "request to https://127.0.0.1:10001/devstoreaccount1?sv=2023-01-03&ss=btqf&srt=sco&st=2024-05-27T07%3A05%3A53Z&se=2024-05-28T07%3A05%3A53Z&sp=rl&SAS Token Redacted&comp=list&include=metadata&timeout=30 failed, reason: connect ECONNREFUSED 127.0.0.1:10001", "stack": "FetchError: request to https://127.0.0.1:10001/devstoreaccount1?sv=2023-01-03&ss=btqf&srt=sco&st=2024-05-27T07%3A05%3A53Z&se=2024-05-28T07%3A05%3A53Z&sp=rl&SAS Token Redacted&comp=list&include=metadata&timeout=30 failed, reason: connect ECONNREFUSED 127.0.0.1:10001\n at ClientRequest. (C:\Users\raghu.ramanaik\AppData\Local\Programs\Microsoft Azure Storage Explorer\resources\app\node_modules\@storage-explorer\queue-extension\dist\src\index.js:2:105392)\n at ClientRequest.emit (node:events:513:28)\n at TLSSocket.socketErrorListener (node:_http_client:494:9)\n at TLSSocket.emit (node:events:513:28)\n at emitErrorNT (node:internal/streams/destroy:151:8)\n at emitErrorCloseNT (node:internal/streams/destroy:116:3)\n at process.processTicksAndRejections (node:internal/process/task_queues:82:21)", "type": "system", "errno": "ECONNREFUSED", "code": "ECONNREFUSED" }

Steps to Reproduce

I am not able to connect local storage from another system using HTTPs. after apply SAS key also showing error

Unable to retrieve child resources

ProducerError:{ "name": "FetchError", "message": "request to https://127.0.0.1:10001/devstoreaccount1?sv=2023-01-03&ss=btqf&srt=sco&st=2024-05-27T07%3A05%3A53Z&se=2024-05-28T07%3A05%3A53Z&sp=rl&SAS Token Redacted&comp=list&include=metadata&timeout=30 failed, reason: connect ECONNREFUSED 127.0.0.1:10001", "stack": "FetchError: request to https://127.0.0.1:10001/devstoreaccount1?sv=2023-01-03&ss=btqf&srt=sco&st=2024-05-27T07%3A05%3A53Z&se=2024-05-28T07%3A05%3A53Z&sp=rl&SAS Token Redacted&comp=list&include=metadata&timeout=30 failed, reason: connect ECONNREFUSED 127.0.0.1:10001\n at ClientRequest. (C:\Users\raghu.ramanaik\AppData\Local\Programs\Microsoft Azure Storage Explorer\resources\app\node_modules\@storage-explorer\queue-extension\dist\src\index.js:2:105392)\n at ClientRequest.emit (node:events:513:28)\n at TLSSocket.socketErrorListener (node:_http_client:494:9)\n at TLSSocket.emit (node:events:513:28)\n at emitErrorNT (node:internal/streams/destroy:151:8)\n at emitErrorCloseNT (node:internal/streams/destroy:116:3)\n at process.processTicksAndRejections (node:internal/process/task_queues:82:21)", "type": "system", "errno": "ECONNREFUSED", "code": "ECONNREFUSED" }

Actual Experience

I am not able to connect local storage from another system using HTTPs. after apply SAS key also showing error

Unable to retrieve child resources

ProducerError:{ "name": "FetchError", "message": "request to https://127.0.0.1:10001/devstoreaccount1?sv=2023-01-03&ss=btqf&srt=sco&st=2024-05-27T07%3A05%3A53Z&se=2024-05-28T07%3A05%3A53Z&sp=rl&SAS Token Redacted&comp=list&include=metadata&timeout=30 failed, reason: connect ECONNREFUSED 127.0.0.1:10001", "stack": "FetchError: request to https://127.0.0.1:10001/devstoreaccount1?sv=2023-01-03&ss=btqf&srt=sco&st=2024-05-27T07%3A05%3A53Z&se=2024-05-28T07%3A05%3A53Z&sp=rl&SAS Token Redacted&comp=list&include=metadata&timeout=30 failed, reason: connect ECONNREFUSED 127.0.0.1:10001\n at ClientRequest. (C:\Users\raghu.ramanaik\AppData\Local\Programs\Microsoft Azure Storage Explorer\resources\app\node_modules\@storage-explorer\queue-extension\dist\src\index.js:2:105392)\n at ClientRequest.emit (node:events:513:28)\n at TLSSocket.socketErrorListener (node:_http_client:494:9)\n at TLSSocket.emit (node:events:513:28)\n at emitErrorNT (node:internal/streams/destroy:151:8)\n at emitErrorCloseNT (node:internal/streams/destroy:116:3)\n at process.processTicksAndRejections (node:internal/process/task_queues:82:21)", "type": "system", "errno": "ECONNREFUSED", "code": "ECONNREFUSED" }

Expected Experience

No response

Additional Context

No response

craxal commented 1 month ago

@Raghurrn123 Azurite uses HTTP by default. Have you configured Azurite to use HTTPS?

Here are some helpful links to get you started:

Raghurrn123 commented 1 month ago

Hello Team,

As I am running azurite using https with below command, I am expecting it to connect azurite --silent --location ~/azurite/ --debug ~/azurite/logs/debug.log --cert 127.0.0.1.pem --key 127.0.0.1-key.pem --oauth basic --loose --blobHost 0.0.0.0 need your support on this.

Regards Raghu R IT Executive IPETRONIK India Private Limited No.20, 6th Floor, Unit No.603 Brigade Rubix Building, Watch Factory Road HMT Main Road, Yeshwanthpur Bengaluru, India – 560022 Ph : +91 6361783384

mail to : @.**@.> web : https://www.ipetronik.comhttps://www.ipetronik.com/

From: Craig Alvord @.> Sent: Tuesday, May 28, 2024 23:03 To: microsoft/AzureStorageExplorer @.> Cc: Ramanaik, Raghu @.>; Mention @.> Subject: Re: [microsoft/AzureStorageExplorer] Not able to connect from HTTPS (Issue #7961)

@Raghurrn123https://github.com/Raghurrn123 Azurite uses HTTP by default. Have you configured Azurite to use HTTPS?

Here are some helpful links to get you started:

— Reply to this email directly, view it on GitHubhttps://github.com/microsoft/AzureStorageExplorer/issues/7961#issuecomment-2135777999, or unsubscribehttps://github.com/notifications/unsubscribe-auth/BIYBL5K3F7SW34H6NEDLO4TZES5VJAVCNFSM6AAAAABIKVBCF6VHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDCMZVG43TOOJZHE. You are receiving this because you were mentioned.Message ID: @.***>

Impressum/Imprint: https://www.ipetronik.com/impressum

craxal commented 1 month ago

@Raghurrn123

Raghurrn123 commented 1 month ago

Adding Rahul

From: Craig Alvord @.> Sent: Wednesday, May 29, 2024 22:07 To: microsoft/AzureStorageExplorer @.> Cc: Ramanaik, Raghu @.>; Mention @.> Subject: Re: [microsoft/AzureStorageExplorer] Not able to connect from HTTPS (Issue #7961)

@Raghurrn123https://github.com/Raghurrn123

— Reply to this email directly, view it on GitHubhttps://github.com/microsoft/AzureStorageExplorer/issues/7961#issuecomment-2137837340, or unsubscribehttps://github.com/notifications/unsubscribe-auth/BIYBL5M2L2G7W6OKQYCSBUTZEX74XAVCNFSM6AAAAABIKVBCF6VHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDCMZXHAZTOMZUGA. You are receiving this because you were mentioned.

Impressum/Imprint: https://www.ipetronik.com/impressum

Raghurrn123 commented 1 month ago

Hello

* Did you import the certificate into Storage Explorer (see https://learn.microsoft.com/en-us/troubleshoot/azure/azure-storage/blobs/alerts/storage-explorer-troubleshooting?tabs=Windows#import-ssl-certificates)?

      Yes created root certificate & for 127.0.0.1 certificate and imported them into storage explorer    

      Yes we are trying to access the blob endpoint from IP address other than localhost / 127.0.0.1   

      Yes we will try this. @Ramanaik, @.***>: Please check without the flag and see if we are getting any requests.

     Are the certificates required for any client trying to connect / transfer to azurite ?

From: Ramanaik, Raghu @.> Sent: 30 May 2024 12:23 To: Subramoni, Rahul @.> Cc: Craig Alvord @.>; Mention @.>; microsoft/AzureStorageExplorer @.>; microsoft/AzureStorageExplorer @.> Subject: Re: [microsoft/AzureStorageExplorer] Not able to connect from HTTPS (Issue #7961)

Adding Rahul

From: Craig Alvord @.> Sent: Wednesday, May 29, 2024 22:07 To: microsoft/AzureStorageExplorer @.> Cc: Ramanaik, Raghu @.>; Mention @.> Subject: Re: [microsoft/AzureStorageExplorer] Not able to connect from HTTPS (Issue #7961)

@Raghurrn123https://github.com/Raghurrn123

— Reply to this email directly, view it on GitHubhttps://github.com/microsoft/AzureStorageExplorer/issues/7961#issuecomment-2137837340, or unsubscribehttps://github.com/notifications/unsubscribe-auth/BIYBL5M2L2G7W6OKQYCSBUTZEX74XAVCNFSM6AAAAABIKVBCF6VHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDCMZXHAZTOMZUGA. You are receiving this because you were mentioned.

Impressum/Imprint: https://www.ipetronik.com/impressum

craxal commented 1 month ago

Yes we are trying to access the blob endpoint from IP address other than localhost / 127.0.0.1

Please add a new emulator connection if you have not already done so: image

image

Are the certificates required for any client trying to connect / transfer to azurite?

Generally speaking, HTTPS communications don't require any additional work. But Azurite uses HTTP by default, and enabling HTTPS requires a custom certificate. That's why the custom certificate needs to be imported into Storage Explorer.

Raghurrn123 commented 3 weeks ago

Hello Team,

  1. After remove the silent FLAG this log has been coming in ubuntu system,

[cid:474b8326-0df9-460a-bbcb-75486a2d78c9]

1.

  1. If i connecting from other system using connection string from shared access signature. Getting error in local system

[cid:9f33739d-40fb-4ad7-85d4-6ee6263759ce] Unable to retrieve child resources

ProducerError:{ "name": "FetchError", "message": "request to https://127.0.0.1:10000/devstoreaccount1?sv=2023-01-03&ss=btqf&srt=sco&spr=https%2Chttp&st=2024-06-03T07%3A10%3A46Z&se=2024-06-04T07%3A10%3A46Z&sp=rl&SAS Token Redacted&comp=list&include=metadata failed, reason: connect ECONNREFUSED 127.0.0.1:10000", "stack": "FetchError: request to https://127.0.0.1:10000/devstoreaccount1?sv=2023-01-03&ss=btqf&srt=sco&spr=https%2Chttp&st=2024-06-03T07%3A10%3A46Z&se=2024-06-04T07%3A10%3A46Z&sp=rl&SAS Token Redacted&comp=list&include=metadata failed, reason: connect ECONNREFUSED 127.0.0.1:10000\n at ClientRequest. (C:\Users\raghu.ramanaik\AppData\Local\Programs\Microsoft Azure Storage Explorer\resources\app\node_modules\se-blob-extension\dist\src\index.js:2:2835280)\n at ClientRequest.emit (node:events:513:28)\n at TLSSocket.socketErrorListener (node:_http_client:494:9)\n at TLSSocket.emit (node:events:513:28)\n at emitErrorNT (node:internal/streams/destroy:151:8)\n at emitErrorCloseNT (node:internal/streams/destroy:116:3)\n at process.processTicksAndRejections (node:internal/process/task_queues:82:21)", "type": "system", "errno": "ECONNREFUSED", "code": "ECONNREFUSED" }

Regards Raghu R IT Executive IPETRONIK India Private Limited No.20, 6th Floor, Unit No.603 Brigade Rubix Building, Watch Factory Road HMT Main Road, Yeshwanthpur Bengaluru, India – 560022 Ph : +91 6361783384

mail to : @.**@.> web : https://www.ipetronik.comhttps://www.ipetronik.com/

From: Craig Alvord @.> Sent: Friday, May 31, 2024 22:28 To: microsoft/AzureStorageExplorer @.> Cc: Ramanaik, Raghu @.>; Mention @.> Subject: Re: [microsoft/AzureStorageExplorer] Not able to connect from HTTPS (Issue #7961)

Yes we are trying to access the blob endpoint from IP address other than localhost / 127.0.0.1

Please add a new emulator connection if you have not already done so: image.png (view on web)https://github.com/microsoft/AzureStorageExplorer/assets/3473026/6e2495ef-f06c-4113-8b7c-ae6deb0a5f21 image.png (view on web)https://github.com/microsoft/AzureStorageExplorer/assets/3473026/88d48dc9-a443-4595-ad3d-b0abb0947f4a

Are the certificates required for any client trying to connect / transfer to azurite?

Generally speaking, HTTPS communications don't require any additional work. But Azurite uses HTTP by default, and enabling HTTPS requires a custom certificate. That's why the custom certificate needs to be imported into Storage Explorer.

— Reply to this email directly, view it on GitHubhttps://github.com/microsoft/AzureStorageExplorer/issues/7961#issuecomment-2142648611, or unsubscribehttps://github.com/notifications/unsubscribe-auth/BIYBL5KUCECPGNDJOIOMBA3ZFCT25AVCNFSM6AAAAABIKVBCF6VHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDCNBSGY2DQNRRGE. You are receiving this because you were mentioned.Message ID: @.***>

Impressum/Imprint: https://www.ipetronik.com/impressum

craxal commented 3 weeks ago

@Raghurrn123 Did you attach screenshots? I'm afraid they didn't come through. You will need to log in to GitHub and post the screenshots directly in this conversation. You can't do that through email.

craxal commented 3 weeks ago

Sorry, I led you wrong a bit. Your blob host listening to 0.0.0.0, so you have two options:

  1. Use the default IP 127.0.0.1, which is the IP of your local machine. I have been able to successfully connect to an Azurite via HTTPS this way.

  2. Use a connection string like you're connecting to a normal storage account:

    image

    image

Raghurrn123 commented 3 weeks ago

Hello Team,

Can i get the step-by-step setup in ubuntu that is local storage configuration, and it should connect another system. i tried what you share the steps. I want to cross check what i installed is correct or not. it will help validate .

Regards Raghu R IT Executive IPETRONIK India Private Limited No.20, 6th Floor, Unit No.603 Brigade Rubix Building, Watch Factory Road HMT Main Road, Yeshwanthpur Bengaluru, India – 560022 Ph : +91 6361783384

mail to : @.**@.> web : https://www.ipetronik.comhttps://www.ipetronik.com/

From: Craig Alvord @.> Sent: Monday, June 3, 2024 23:18 To: microsoft/AzureStorageExplorer @.> Cc: Ramanaik, Raghu @.>; Mention @.> Subject: Re: [microsoft/AzureStorageExplorer] Not able to connect from HTTPS (Issue #7961)

Sorry, I led you wrong a bit. Your blob host listening to 0.0.0.0, so you have two options:

  1. Use the default IP 127.0.0.1, which is the IP of your local machine. I have been able to successfully connect to an Azurite via HTTPS this way.

  2. Use a connection string like you're connecting to a normal storage account:

image.png (view on web)https://github.com/microsoft/AzureStorageExplorer/assets/3473026/0559f147-b7cb-4e38-ab42-5da794cdc314

image.png (view on web)https://github.com/microsoft/AzureStorageExplorer/assets/3473026/6f5eeb32-8590-4738-b880-de7be0a8972b

— Reply to this email directly, view it on GitHubhttps://github.com/microsoft/AzureStorageExplorer/issues/7961#issuecomment-2145789764, or unsubscribehttps://github.com/notifications/unsubscribe-auth/BIYBL5LFZHV26TUG6C34DB3ZFST65AVCNFSM6AAAAABIKVBCF6VHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDCNBVG44DSNZWGQ. You are receiving this because you were mentioned.Message ID: @.***>

Impressum/Imprint: https://www.ipetronik.com/impressum

Raghurrn123 commented 3 weeks ago

Hello Craxeal,

I tried what you give n step but it is not working. If i get step configuration for ubuntu system and it should connect to another system. it will help to validate my setup. After instauration I setup, but still it is not working. image

the same error is coming in client machine. what i attached pervious mail, "errno": "ECONNREFUSED", "code": "ECONNREFUSED"

craxal commented 3 weeks ago

Can you elaborate what you mean by "should connect another system"? Do you mean to say that you want other machines to be able to connect to the Azurite instance running on your machine? If that's true, I recommend using the Azurite Docker container image instead (see https://hub.docker.com/_/microsoft-azure-storage-azurite)

Can you please provide the detailed steps you followed, everything from creating the certificate files to creating the connection in Storage Explorer?

Here are the steps I followed:

  1. Install mkcert (see https://github.com/FiloSottile/mkcert#linux).
  2. Run the following commands: 
    mkcert -install
mkcert 127.0.0.1
  3. Launch Azurite from the command line.
  4. Launch Storage Explorer.
  5. Click the Connect button in the vertical toolbar and select "Storage account or service".
  6. Select "Connection string (Key or SAS)" then click Next.
  7. Give the connection a name and enter an appropriate connection string: 
    AccountName=devstoreaccount1;AccountKey=*****;BlobEndpoint=https://127.0.0.1/devstoreaccount1

These steps do not take into account the alternative IP address you are attempting to use or if the Azurite instance is in a Docker container. I suggest you consult the various pages I've linked to above for answers to your specific requirements and setup.