[Azure AI Search] Internal Server Error when creating CMK encrypted objects
![[Azure AI Search] Internal Server Error when creating CMK encrypted objects](https://cdn.techcommunity.microsoft.com/assets/Azure/BlogPreview_default-blue.png "[Azure AI Search] Internal Server Error when creating CMK encrypted objects")
Scenario
Customers follow the Microsoft doc to create CMK encrypted objects (data source, index etc.), but get the 500 Internal Server Error:
{'error':{'code':'','message':'Could not use key vault key to wrap/unwrap the encryption key. {\\'Message\\':\\'An error has occurred.\\'}'}
Possible Causes
- The key vault host is incorrect, e.g. incorrect key vault domain.
- Action: check the keyVaultUri in the Json payload.
- The key vault host is inaccessible to search. For example, the key vault has public network access disabled but does not have a shared private link (SPL) configured from search.
- Action: check the SPL configurations or create a SPL.
Note that if the key vault Uri is correct or accessible, the error message due to a wrong key vault key name or version in the JSON payload is slightly different. The error message has the complete key vault key path.
{
"error": {
"code": "",
"message": "Could not use key vault key https://keyvaultname.vault.azure.net:443/keys/wrongkeyname to wrap/unwrap the encryption key. The key vault key cannot be found."
}
}
Published on:
Learn moreRelated posts
7 tips to optimize Azure Cosmos DB costs for AI and agentic workloads
AI apps and agentic workloads expose inefficiencies in your data layer faster than any previous generation of apps. You’re storing embeddings,...
Voice of the MVP - Oracle AI Database@Azure
Public Preview: Actual Result for Manual Tests in Azure Test Plans
We’re excited to announce the public preview of the highly anticipated Actual Result (AR) feature for manual testing in Azure Test Plans...
Azure SDK Release (April 2026)
Azure SDK releases every month. In this post, you'll find this month's highlights and release notes. The post Azure SDK Release (April 2026) a...
General Availability: Dynamic Data Masking for Azure Cosmos DB
Protecting sensitive data is a foundational requirement for modern applications. As organizations scale their use of Azure Cosmos DB across te...
Azure DevOps MCP Server April Update
This update brings a set of improvements and changes across both local and remote Azure DevOps MCP Servers. Here’s a summary of what’s changed...
GitHub Copilot meets Azure Developer CLI: AI-assisted project setup and error troubleshooting
The Azure Developer CLI (azd) now integrates with GitHub Copilot for AI-assisted project scaffolding and intelligent deployment error troubles...