[Azure AI Search] Internal Server Error when creating CMK encrypted objects
![[Azure AI Search] Internal Server Error when creating CMK encrypted objects](https://cdn.techcommunity.microsoft.com/assets/Azure/BlogPreview_default-blue.png "[Azure AI Search] Internal Server Error when creating CMK encrypted objects")
Scenario
Customers follow the Microsoft doc to create CMK encrypted objects (data source, index etc.), but get the 500 Internal Server Error:
{'error':{'code':'','message':'Could not use key vault key to wrap/unwrap the encryption key. {\\'Message\\':\\'An error has occurred.\\'}'}
Possible Causes
- The key vault host is incorrect, e.g. incorrect key vault domain.
- Action: check the keyVaultUri in the Json payload.
- The key vault host is inaccessible to search. For example, the key vault has public network access disabled but does not have a shared private link (SPL) configured from search.
- Action: check the SPL configurations or create a SPL.
Note that if the key vault Uri is correct or accessible, the error message due to a wrong key vault key name or version in the JSON payload is slightly different. The error message has the complete key vault key path.
{
"error": {
"code": "",
"message": "Could not use key vault key https://keyvaultname.vault.azure.net:443/keys/wrongkeyname to wrap/unwrap the encryption key. The key vault key cannot be found."
}
}
Published on:
Learn moreRelated posts
Now Available: Sort Geospatial Query Results by ST_Distance in Azure Cosmos DB
Azure Cosmos DB’s geospatial capabilities just got even better! We’re excited to announce that you can now sort query results by distanc...
Query Advisor for Azure Cosmos DB: Actionable insights to improve performance and cost
Azure Cosmos DB for NoSQL now features Query Advisor, designed to help you write faster and more efficient queries. Whether you’re optimizing ...
Azure Developer CLI: Azure Container Apps Dev-to-Prod Deployment with Layered Infrastructure
This post walks through how to implement “build once, deploy everywhere” patterns using Azure Container Apps with the new azd publ...
Accelerate Your Growth: Azure Cosmos DB Partner Acceleration Program
Accelerate Your Growth: Azure Cosmos DB Partner Acceleration Program Unlock 360° Success with the Cosmos DB Engineering Team Are you ready to ...
Transforming Field Operations with AI, Azure Maps & Dynamics 365
Efficient field operations are the backbone of successful, data-driven organizations. Yet, many businesses continue to struggle with scattered...
Failures Happen in Cloud, but how Azure Cosmos DB keeps your Applications Online
The only thing that’s constant in distributed systems is failures. No cloud platform is immune to failures — from regional outages and transie...
The `azd` extension to configure GitHub Copilot coding agent integration with Azure
This post shares how to set up the GitHub Copilot coding agent integration with Azure resources and services by using the Azure Developer CLI ...