I tried using AzureCosmosDB Emulator, but I'm addicted to it, so I'll leave a note. AzureCosmosDB for Docker is only available from Docker for Windows.

Start AzureCosmosDB Emulator

I doubted my eyes, but I have 6GB ... If you are doing it on a shared NW, do it at night.

docker pull microsoft/azure-cosmosdb-emulator

Create a directory

md %LOCALAPPDATA%\CosmosDBEmulator\bind-mount

to start

docker run --name azure-cosmosdb-emulator --memory 2GB --mount "type=bind,source=%LOCALAPPDATA%\CosmosDBEmulator\bind-mount,destination=C:\CosmosDB.Emulator\bind-mount" --interactive --tty -p 8081:8081 -p 8900:8900 -p 8901:8901 -p 8902:8902 -p 10250:10250 -p 10251:10251 -p 10252:10252 -p 10253:10253 -p 10254:10254 -p 10255:10255 -p 10256:10256 -p 10350:10350 microsoft/azure-cosmosdb-emulator

An error occurs here

docker: Error response from daemon: failed to create endpoint azure-cosmosdb-emulator on network nat: HNS failed with error :The process cannot access the file. Another process is in use..

At first I didn't understand at all, but it seemed that it was covered with the port on the host side (McAfee in my case), and it worked well by changing the port setting when docker run.

If it starts up successfully, it will be in powershell mode and this will be output. ** Please note that when you cancel powershell mode, docker will be stopped. ** **

Key   : GremlinEndpoint
Value : {http://bd876a98b564:8901/,}
Name  : GremlinEndpoint

Key   : TableEndpoint
Value : {https://bd876a98b564:8902/,}
Name  : TableEndpoint

Key   : Key
Value : C2y6yDjf5/R+ob0N8A7Cgv30VRDJIWEHLM+4QDU5DE2nQ9nDuVTqobD4b8mGGyPMbIZnqyMsEcaGQy67XIw/Jw==
Name  : Key

Key   : Version
Value :
Name  : Version

Key   : IPAddress
Value :
Name  : IPAddress

Key   : Emulator
Value : CosmosDB.Emulator
Name  : Emulator

Key   : CassandraEndpoint
Value : {tcp://bd876a98b564:10350/, tcp://}
Name  : CassandraEndpoint

Key   : MongoDBEndpoint
Value : {mongodb://bd876a98b564:10255/, mongodb://}
Name  : MongoDBEndpoint

Key   : Endpoint
Value : {https://bd876a98b564:8081/,}
Name  : Endpoint

Import certificate

Import the certificate to the host. If you do not follow this procedure, you will not be able to connect to the management screen with your browser.

C:\Users\xxxx\AppData\Local\CosmosDBEmulator\bind-mount>powershell .\importcert.ps1

Importing self-signed certificate generated by the Azure Cosmos DB Emulator runnning in container a9ed9a9e172b to the certificate store on XXXXXX

Try connecting to Explorer

You can open a web console that looks exactly like the Data Explorer in Azure Cosmos DB. Try to access the address + _explorer / index.html that came out as Endpoint in the previous log.

It is OK if such a screen appears.


Connect to Cosmos DB emulator from Java

When I try to connect to Cosmos DB in Java, I get the following error:

[pool-1-thread-1] ERROR$DocumentDBThreadPoolExecutor  - Runnable execution exception
java.lang.IllegalStateException: PKIX path building failed: unable to find valid certification path to requested target
	at java.base/
	at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(
	at java.base/java.util.concurrent.ThreadPoolExecutor$
	at java.base/
Caused by: PKIX path building failed: unable to find valid certification path to requested target
	... 7 more

The certificate was imported to the host by the procedure of "Import certificate", but it seems to be an error because the certificate is not in the Java KeyStore.

Export the certificate

There is no problem with the procedure at the following URL.

Import the certificate

Change to the% JAVA_HOME% / lib / security directory.

Add the certificate to the keystore.

keytool -keystore cacerts -importcert -alias documentdbemulatorcert -file documentdbemulatorcert.cer
Please enter the keystore password:changeit
owner: CN=localhost
Issuer: CN=localhost
Serial number: 2fe969231bd7868a419cdc4067fb931a
Validity start date: Tue Jul 23 09:27:31 GMT+09:00 2019 end date: Sun Jul 21 09:27:31 GMT+09:00 2024
Certificate finger print:
         SHA1: 3F:32:E0:2E:31:32:2E:C3:1B:29:11:82:F1:7B:01:21:31:A6:5D:99
         SHA256: 12:2D:B9:6A:38:44:DB:04:00:B9:AB:8E:35:A8:89:76:AD:18:0C:45:AE:01:42:3F:E6:5E:F8:21:80:53:AF:47
Signature algorithm name: SHA1withRSA
Subject public key algorithm:1024 bit RSA key
version: 3


#1: ObjectId: Criticality=true
SubjectAlternativeName [
  DNSName: a9ed9a9e172b
  DNSName: localhost

Do you trust this certificate?[No]:  y
Certificate added to keystore

Make sure that the certificate was imported successfully

keytool -list -keystore cacerts

[Reference] Delete the certificate

keytool -delete -keystore cacerts -alias documentdbemulatorcert

in conclusion

Bringing 2G resources locally and adding to the certificate export / Keystore is rather troublesome, so I was worried about using it as it is ...

