Azure-cosmos-dotnet-v2: Is there any way to bypass CosmosDBEmulator SSL Verification for dotnet core developer?

Created on 26 Sep 2018  路  8Comments  路  Source: Azure/azure-cosmos-dotnet-v2

I've been stuck hours to bypass the self-signed certificate of Cosmos DB Emulator, I've tried below solutions, but no luck

  1. bypass all server certificate verification
ServicePointManager.ServerCertificateValidationCallback = delegate { return true; };

this doesn't work in .net core, ServerCertificateValidationCallback isn't supported in .net core

  1. import and trust in certificates store (KeyChain on macOS)
    this works when browsing portal page (https://localhost:8081/_explorer/index.html), but makes no difference in .net core program.

  2. set HttpClientHandler.ServerCertificateCustomValidationCallback
    this works only for self-created HttpClient, helpless for DocumentClient.


is there any workaround or ConnectionPolicy should have a property like "DisableSSLVerification"?

All 8 comments

Hi @jimliuxyz, which OS are you running the emulator on? Is is Mac OS? The emulator can only run on windows.

Hi @srinathnarayanan , the emulator run on windows, and the client is dotnet core on both windows and macos.

I am also blocked by the same issue. I am trying to run the Cosmos DB emulator within a container for testing. It is really hard and even impossible to import the container's self-signed certificate to all my client environments, e.g. one test client environment is within a hosted VSTS test runner machine.

It seems like that 'DocumentClient' has its own HttpClient.

Is it possible to expose a 'DisableSSLVerification' option in DocumentClient's constructor?

@weng5e Are you using the VSTS Task that loads up the Cosmos DB Emulator https://marketplace.visualstudio.com/items?itemName=azure-cosmosdb.emulator-public-preview I have tested it with a NET Core solution and it works correctly (the latest version).

I didn't realize that DocumentClient now exposes an HttpMessageHandler constructor overload. You can use that to resolve this issue.

Closing as there is a similar issue reported (https://github.com/Azure/azure-cosmos-dotnet-v2/issues/284) and the solution, as also mentioned by @Cephei, is the new constructor.

@ealsur This emulator is such a poor after thought by MSFT. Using that in the ctor like that is a hack. There should be an emulator that works on OSX. Period.

@aaronscribner this reply is more than a year old.
Currently, you do not need any code change to make the Emulator work if your app is working on Linux or Mac, see https://docs.microsoft.com/en-us/azure/cosmos-db/local-emulator#running-on-mac-or-linux

I do agree that the Emulator would be awesome running on Mac, but that is outside of the scope of the SDK as a component, and rather related to the Emulator itself. Please vote for https://feedback.azure.com/forums/263030-azure-cosmos-db/suggestions/18533509-add-documentdb-emulator-support-for-mac-os-x-and to help drive the feature prioritization.

Was this page helpful?
0 / 5 - 0 ratings