[Azure AI Search] Internal Server Error when creating CMK encrypted objects
![[Azure AI Search] Internal Server Error when creating CMK encrypted objects](https://cdn.techcommunity.microsoft.com/assets/Azure/BlogPreview_default-blue.png "[Azure AI Search] Internal Server Error when creating CMK encrypted objects")
Scenario
Customers follow the Microsoft doc to create CMK encrypted objects (data source, index etc.), but get the 500 Internal Server Error:
{'error':{'code':'','message':'Could not use key vault key to wrap/unwrap the encryption key. {\\'Message\\':\\'An error has occurred.\\'}'}
Possible Causes
- The key vault host is incorrect, e.g. incorrect key vault domain.
- Action: check the keyVaultUri in the Json payload.
- The key vault host is inaccessible to search. For example, the key vault has public network access disabled but does not have a shared private link (SPL) configured from search.
- Action: check the SPL configurations or create a SPL.
Note that if the key vault Uri is correct or accessible, the error message due to a wrong key vault key name or version in the JSON payload is slightly different. The error message has the complete key vault key path.
{
"error": {
"code": "",
"message": "Could not use key vault key https://keyvaultname.vault.azure.net:443/keys/wrongkeyname to wrap/unwrap the encryption key. The key vault key cannot be found."
}
}
Published on:
Learn moreRelated posts
What’s New with Microsoft Foundry (formerly Azure AI Foundry) from Ignite 2025
Microsoft Ignite 2025 just wrapped up, and one of the biggest themes this year was the evolution of Azure AI Foundry, now simply called Micros...
Announcing: Dynamic Data Masking for Azure Cosmos DB (Preview)
Today marks a big step forward with the public preview of Dynamic Data Masking (DDM) for Azure Cosmos DB. This feature helps organizations pro...
Use Azure SRE Agent with Azure Cosmos DB: Smarter Diagnostics for Your Applications
We’re excited to announce the Azure Cosmos DB SRE Agent built on Azure SRE Agent; a new capability designed to simplify troubleshooting and im...
General Availability: Priority-Based Execution in Azure Cosmos DB
Have you ever faced a situation where two different workloads share the same container, and one ends up slowing down the other? This is a comm...
Announcing Preview of Online Copy Jobs in Azure Cosmos DB: Migrate Data with Minimal Downtime!
We are excited to announce the preview of Online Copy Jobs, a powerful new feature designed to make data migration between containers seamless...