I'm trying to setup azurite using these instructions, I see a number of others have been successful with this. I need to configure SSL (and eventually oauth) for my client app testing. The azurite container works fine without SSL, but when SSL is activated my client can't connect because the container isn't exposing the certificate.
I used mkcert to create the certificate. This is my docker-compose file. I'm mounting /certs and /data from my host.
version: '3.9'
services:
azurite:
image: mcr.microsoft.com/azure-storage/azurite
container_name: "azurite"
hostname: azurite
restart: always
ports:
- "10000:10000"
- "10001:10001"
- "10002:10002"
command: "azurite --oauth basic --cert /certs/127.0.0.1.pem --key /certs/127.0.0.1-key.pem --debug /logs/azurite-debug.log"
volumes:
- ./azurite-store:/data
- ./certs:/certs
- ./azurite-logs:/logs
Using openssl inside the container shows;
That's the cert I expect from mkcert & it's mounted as per the compose file.
From my laptop, openssl shows the following;
And there ends the fun! Why is the cert visible on the url inside the container, but not from the outside? I can't see anything in the compose file that would control if a cert is being exposed or not - I'm reasonably sure docker doesn't work like that - it's only exposing the tcp/ip layer to my laptop.
If I stop the container, port 10000 isn't reachable, start it and it opens so I don't think it's another process that I'm connecting to by mistake. Also, the fact that I get a connection means that it's not a connectivity issue.
Anyone got any thoughts on this one - it's weird! "Cert filtering" if I can call it that is certainly a new one!?
