1

I want to create a file share in azure storage account using command line .

i am using the command az storage share create --name myfile --account-name $NAME --account-key $key . but it is showing an error.

I also tried azcopy make "url for file share?accountkey" but it is also not working .i am using azcopy version 7.3

this is the error which i am getting.

The command failed with an unexpected error. Here is the traceback:

HTTPSConnectionPool(host='redboxtfstatebedtqgliqc.file.core.windows.net', port=443): Max retries exceeded with url: /myfile?restype=share (Caused by SSLError(SSLError("bad handshake: Error([('SSL routines', 'tls_process_server_certificate', 'certificate verify failed')],)",),))

Nancy
  • 26,865
  • 3
  • 18
  • 34
DEEPAK
  • 13
  • 1
  • 3
  • Try to update the Azure CLI latest version? https://learn.microsoft.com/en-us/cli/azure/install-azure-cli?view=azure-cli-latest – Nancy Jul 09 '19 at 06:38
  • i am using latest azure cli – DEEPAK Jul 09 '19 at 06:39
  • Could you run the `az storage share` in Azure cloud shell? It seems to be related to an SSL cert issue. – Nancy Jul 09 '19 at 06:40
  • but i want to do it with my cmd not Azure cloud shell....any suggestions – DEEPAK Jul 09 '19 at 06:42
  • When did the error happen?`I also tried azcopy make "url for file share?accountkey" ` what do you mean? – Nancy Jul 09 '19 at 07:08
  • the mentioned error is of "az storage share create --name myfile --account-name $NAME --account-key $key". when i run azcopy make "url for file share?accountkey" i get " The syntax of the command is incorrect. Error parsing the argument "make": parameter name is required". – DEEPAK Jul 09 '19 at 07:16
  • Not clearly. Which command do you run to get the error? `az storage share create` or `azcopy`? – Charles Xu Jul 09 '19 at 07:31
  • az storage share create – DEEPAK Jul 09 '19 at 07:47
  • Also, check if your local firewall or corporate firewall intercepting one REST API call. refer to [this](https://github.com/Azure/azure-cli/issues/9355). and can you run `telnet redboxtfstatebedtqgliqc.file.core.windows.net 443` to verify this? I also suggest reinstalling your azure cli. – Nancy Jul 09 '19 at 08:01
  • I believe you're getting this error is because there's a self-signed certificate somewhere in your certificate chain (may be a proxy server), that is decrypting the request and then signing it again. Just do a search for `tls_process_server_certificate` and you'll see lots of threads with this issue. – Gaurav Mantri Jul 09 '19 at 08:08
  • 1
    If proxy uses self-signed certificates, you could refer to these ways in the wiki:https://github.com/Azure/azure-cli/blob/dev/doc/use_cli_effectively.md#working-behind-a-proxy – George Chen Jul 09 '19 at 09:20
  • 1
    well i adapted a different method for what i wanted to do ...so now file share creation is not the part of it .thanks for all of your concerns. – DEEPAK Jul 17 '19 at 09:55

1 Answers1

0

I had the same problem like the author of the post. It can be solved following the link which George Chen posted:

https://github.com/Azure/azure-cli/blob/dev/doc/use_cli_effectively.md#working-behind-a-proxy

  1. You need to edit the file: "C:\path_to_your_cli_installation\CLI2\Lib\site-packages\certifi\cacert.pem" and add the certificate of your proxy server
  2. You need to set the environment variable REQUESTS_CA_BUNDLE to "C:\path_to_your_cli_installation\CLI2\Lib\site-packages\certifi\cacert.pem"
GANdalf85
  • 129
  • 1
  • 7