[Azure AI Search] Internal Server Error when creating CMK encrypted objects
![[Azure AI Search] Internal Server Error when creating CMK encrypted objects](https://cdn.techcommunity.microsoft.com/assets/Azure/BlogPreview_default-blue.png "[Azure AI Search] Internal Server Error when creating CMK encrypted objects")
Scenario
Customers follow the Microsoft doc to create CMK encrypted objects (data source, index etc.), but get the 500 Internal Server Error:
{'error':{'code':'','message':'Could not use key vault key to wrap/unwrap the encryption key. {\\'Message\\':\\'An error has occurred.\\'}'}
Possible Causes
- The key vault host is incorrect, e.g. incorrect key vault domain.
- Action: check the keyVaultUri in the Json payload.
- The key vault host is inaccessible to search. For example, the key vault has public network access disabled but does not have a shared private link (SPL) configured from search.
- Action: check the SPL configurations or create a SPL.
Note that if the key vault Uri is correct or accessible, the error message due to a wrong key vault key name or version in the JSON payload is slightly different. The error message has the complete key vault key path.
{
"error": {
"code": "",
"message": "Could not use key vault key https://keyvaultname.vault.azure.net:443/keys/wrongkeyname to wrap/unwrap the encryption key. The key vault key cannot be found."
}
}
Published on:
Learn moreRelated posts
Azure Backup for Azure Cosmos DB Public Preview Adds Immutable Backups and Long-Term Retention
Azure Backup for Azure Cosmos DB Public Preview Adds Immutable Backups and Long-Term Retention Picture the first few hours after a serious dat...
Announcing General Availability of the Azure Cosmos DB Built-in Connector for Logic Apps Standard
Today, we’re excited to announce the general availability of the Azure Cosmos DB built-in connector for Azure Logic Apps Standard. This ...
Microsoft Purview: Data Lifecycle Management – Azure PST Import
Azure PST Import is a migration method that enables PST files stored in Azure Blob Storage to be imported directly into Exchange Online mailbo...
June Patches for Azure DevOps Server
We are releasing new patches for our self‑hosted product, Azure DevOps Server. We strongly recommend that all customers stay up to date with t...
Copilot Autofix for GitHub Advanced Security for Azure DevOps
Over the last few years, we’ve encouraged customers to move their repositories from Azure Repos to GitHub, where the newest AI-powered a...