Loading...

[Azure AI Search] Internal Server Error when creating CMK encrypted objects

[Azure AI Search] Internal Server Error when creating CMK encrypted objects

Scenario

Customers follow the Microsoft doc to create CMK encrypted objects (data source, index etc.), but get the 500 Internal Server Error:

{'error':{'code':'','message':'Could not use key vault key to wrap/unwrap the encryption key. {\\'Message\\':\\'An error has occurred.\\'}'}


Possible Causes

  • The key vault host is incorrect, e.g. incorrect key vault domain.
    • Action: check the keyVaultUri in the Json payload.
  • The key vault host is inaccessible to search. For example, the key vault has public network access disabled but does not have a shared private link (SPL) configured from search. 
    • Action: check the SPL configurations or create a SPL. 

Note that if the key vault Uri is correct or accessible, the error message due to a wrong key vault key name or version in the JSON payload is slightly different. The error message has the complete key vault key path.

{
"error": {
"code": "",
"message": "Could not use key vault key https://keyvaultname.vault.azure.net:443/keys/wrongkeyname to wrap/unwrap the encryption key. The key vault key cannot be found."
}
}

Published on:

Learn more
Azure PaaS Blog articles
Azure PaaS Blog articles

Azure PaaS Blog articles

Share post:

Related posts

Important Update: Server Name Indication (SNI) Now Mandatory for Azure DevOps Services

Earlier this year, we announced an upgrade to our network infrastructure and the new IP addresses you need to allow list in your firewall R...

9 hours ago

Azure Function | Publish | ‘attempt to publish the ZIP file failed’ error

While publishing a C# Azure Function from Visual Studio, I encountered the following error: The attempt to publish the ZIP file through XXXXX ...

1 day ago

Azure SDK Release (March 2025)

Azure SDK releases every month. In this post, you find this month's highlights and release notes. The post Azure SDK Release (March 2025) appe...

5 days ago

New Overlapping Secrets on Azure DevOps OAuth

As you may have read, Azure DevOps OAuth apps are due for deprecation in 2026. All developers are encouraged to migrate their applications to ...

6 days ago

Azure Cosmos DB Conf 2025: Learn, Build, and Connect with the Community

Join us for the 5th annual Azure Cosmos DB Conf, a free virtual developer event co-hosted by Microsoft and the Azure Cosmos DB community. This...

8 days ago

Summer 2025 Dynamics 365 Maps Release: Smarter Routing, Azure Maps, Canvas Apps & More!

Technology never stands still, and neither does Team Maplytics! With our latest March 2025 updates, your geo-mapping experience within Dynamic...

12 days ago
Stay up to date with latest Microsoft Dynamics 365 and Power Platform news!
* Yes, I agree to the privacy policy