Loading...

[Azure AI Search] Internal Server Error when creating CMK encrypted objects

[Azure AI Search] Internal Server Error when creating CMK encrypted objects

Scenario

Customers follow the Microsoft doc to create CMK encrypted objects (data source, index etc.), but get the 500 Internal Server Error:

{'error':{'code':'','message':'Could not use key vault key to wrap/unwrap the encryption key. {\\'Message\\':\\'An error has occurred.\\'}'}


Possible Causes

  • The key vault host is incorrect, e.g. incorrect key vault domain.
    • Action: check the keyVaultUri in the Json payload.
  • The key vault host is inaccessible to search. For example, the key vault has public network access disabled but does not have a shared private link (SPL) configured from search. 
    • Action: check the SPL configurations or create a SPL. 

Note that if the key vault Uri is correct or accessible, the error message due to a wrong key vault key name or version in the JSON payload is slightly different. The error message has the complete key vault key path.

{
"error": {
"code": "",
"message": "Could not use key vault key https://keyvaultname.vault.azure.net:443/keys/wrongkeyname to wrap/unwrap the encryption key. The key vault key cannot be found."
}
}

Published on:

Learn more
Azure PaaS Blog articles
Azure PaaS Blog articles

Azure PaaS Blog articles

Share post:

Related posts

Fundamentals of Azure DevOps with SQL projects

Building automated pipelines with your SQL database projects enables you to build a rich CI/CD ecosystem to ensure that your application is be...

1 day ago

Upcoming Change: NTLM Removal in Git (libcurl) – Impact to Azure DevOps Server Customers

Overview In September 2026, NTLM support will be removed from libcurl, which is used by Git for HTTP(S) operations. As a result, Git operation...

1 day ago

What’s new across Microsoft SQL in 2026 so far (SQL Server, Azure SQL, and SQL database in Fabric)

We’re halfway through 2026, and Microsoft SQL has not slowed down. Since SQLCon/FabCon in March (where we released a ton of things, and those ...

2 days ago

Power Automate Flow — HTTP Trigger to Azure OpenAI

Build the secure Power Automate HTTP trigger flow that receives free text from the portal, calls Azure OpenAI using your smart-form-extract de...

4 days ago

Spring AI 2.0 is GA: Vector Search, Memory, and Agents on Azure Cosmos DB

The wait is over. Spring AI 2.0 is generally available, and Azure Cosmos DB is right there with it. With this release, Spring AI graduates int...

4 days ago
Stay up to date with latest Microsoft Dynamics 365 and Power Platform news!
* Yes, I agree to the privacy policy