[Azure AI Search] Internal Server Error when creating CMK encrypted objects
![[Azure AI Search] Internal Server Error when creating CMK encrypted objects](https://cdn.techcommunity.microsoft.com/assets/Azure/BlogPreview_default-blue.png "[Azure AI Search] Internal Server Error when creating CMK encrypted objects")
Scenario
Customers follow the Microsoft doc to create CMK encrypted objects (data source, index etc.), but get the 500 Internal Server Error:
{'error':{'code':'','message':'Could not use key vault key to wrap/unwrap the encryption key. {\\'Message\\':\\'An error has occurred.\\'}'}
Possible Causes
- The key vault host is incorrect, e.g. incorrect key vault domain.
- Action: check the keyVaultUri in the Json payload.
- The key vault host is inaccessible to search. For example, the key vault has public network access disabled but does not have a shared private link (SPL) configured from search.
- Action: check the SPL configurations or create a SPL.
Note that if the key vault Uri is correct or accessible, the error message due to a wrong key vault key name or version in the JSON payload is slightly different. The error message has the complete key vault key path.
{
"error": {
"code": "",
"message": "Could not use key vault key https://keyvaultname.vault.azure.net:443/keys/wrongkeyname to wrap/unwrap the encryption key. The key vault key cannot be found."
}
}
Published on:
Learn moreRelated posts
Power BI Demo - Azure Maps are Where?
Moving to TLS 1.2 for Azure Cosmos DB: Ensuring Secure Connections
Security and reliability are at the core of modern cloud applications. To strengthen data protection and align with industry best practices, w...
GitHub Copilot for Azure DevOps users
Azure DevOps customers frequently ask us when GitHub Copilot will be available to them. What many don’t realize is that GitHub Copilot for Bus...
Rust in time! Announcing the Azure SDK for Rust Beta. 🎉
Announcing the first beta release of the Azure SDK for Rust. This release includes libraries for Identity, Key Vault secrets & keys, Event...
Introducing Azure AI Foundry Labs
Go passwordless when calling Azure OpenAI from Azure SQL using Managed Identities
Security is a significant topic today, and the ability to access a service requiring authentication without using an API key, password, or sec...
Spring Cloud Azure updates and troubleshooting tips for Java on AKS
This post shows the latest Spring Cloud Azure updates. The post Spring Cloud Azure updates and troubleshooting tips for Java on AKS appeared f...
Episode 395 – Getting Started with VDI in Azure with Azure Virtual Desktop
Welcome to Episode 395 of the Microsoft Cloud IT Pro Podcast. In this episode, we dive into Azure Virtual Desktop (AVD) and how it enables org...