azure-keyvault

问题 In my application I am getting exception when my application fetches value of first key vault secret. The exception I am only getting when I turn on "Common Language Run-time Exceptions" from exception settings. Exception that I am getting is- Microsoft.Rest.TransientFaultHandling.HttpRequestWithStatusException: 'Response status code indicates server error: 401 (Unauthorized).' StackTrace:- at Microsoft.Rest.RetryDelegatingHandler.<>c__DisplayClass11_0.<<SendAsync>b__1>d.MoveNext() My code to

问题 I am encrypting a blob using secret from a keyvault. Unfortunately, the EncryptionData metadata propery is not being set for the blob. It was working previously, but for some reason the property is not being set now. Can anyone help please? Please find below the code i am using to set the encryption policy. private void SetEncryptionPolicy(string containerName) { IKey cloudKey1; var secret = string.Format(ConfigurationManager.AppSettings["SecretUri"], containerName); //// Create key instances

问题 I have been battling with using Azure Key Vault in both development and production versions of my app for several days now. I can't seem to set things up correctly to gain access to my key vault from my app running locally during debug in VS 2017 or when deployed as a Web App on Azure. When I use the CLI with my account and resource group set I have no problem accessing a secret in my vault. However, when I try to access the same secret using the code below in my app I get an error stating

问题 This question relates to the following post which maybe helpful: Azure DevOps CI/CD and Separating Connection Strings from Source Control I'm currently working on an N-Layered project based off of an article by Imar Spaanjaars named ASP.NET N-Layered Applications I'm trying to implement Azure Key Vault to, I guess you can say, abstract secrets from the application itself. Goal I want implement Azure Key Vault using this N-Tier concept. I have a sample project located at NLayer-Spaanjaars

问题 I'm using KeyVaultClient from the 2.3.2 Microsoft.Azure.KeyVault NuGet. Using GetSecretAsync(,), I noticed that a KeyVaultErrorException is raised if I try to access a non-existent secret. Unfortunately that same error is also raised when access to the keyvault is denied or the keyvault endpoint is not found. The only distinguisher I see at the moment is the Message property. So what's the right way to detect that a secret was not found? Why would this throw an exception versus returning a

问题 I'm trying to add a private self-signed certificate to an Azure App Service (as in the screenshot at the bottom) via the REST API (in PowerShell). I call the API as follows: $certBody = @{ name = "InfoServiceTAKeyVaultDev" location = "West Europe" properties = @{ keyVaultId = "/subscriptions/<subscriptionId>/resourceGroups/BzInfoServiceTADEV/providers/Microsoft.KeyVault/vaults/BzKVInfoServiceTADev" keyVaultSecretName = "InfoServiceTAKeyVaultCert" } } Invoke-RestMethod ` -Method Put ` -Uri (

问题 I am trying to read secret in Azure Key Vault through Managed Service Identity (MSI) in Java. I want token to access the key vault through MSI. There are references available for .net to do this but did not find anything in Java. I don't want to do this through Client id/secret key or certificates. I want something in Java that is close to following .net code using Microsoft.Azure.KeyVault; using Microsoft.Azure.Services.AppAuthentication; AzureServiceTokenProvider azureServiceTokenProvider =

问题 I've written an ASP.NET Core 2.0 website in C# and have Facebook authentication enabled, so it requires HTTPS. I'm using the native Kestrel web server to host the site and have a listener set to take the PFX certificate per MS' documentation. I can't seem to find a way for Kestrel to recognize the private key after recall from Key Vault. I know it's present, as I wrote two debug statements that indicate it is, in fact present. This is the function that I'm using to retrieve the secret, which

问题 Why or how is Azure Key Vault secure? I need to store key URI and Client Id and Client Secret on the server, so if anyone grants access to the server on which application is hosted, he'll be able to access keys and secrets stored in the Key Vault. Which means it is just as secure to store them on the server, right? 回答1: You are misunderstanding the Key Vault. Key vault is secure in a sense that nothing gets transmitted over the public internet, all the communications with Key Vault and Azure

问题 I am having trouble accessing a secret from an Azure key vault. I suspect the problem is that I don't adequately understand the terminology, so the arguments I'm supplying to various API calls are wrong. Here's the basic code I'm using: protected async Task<string> GetCommunityKeyAsync( UserConfiguration user ) { var client = new KeyVaultClient( new KeyVaultClient.AuthenticationCallback( GetAccessTokenAsync ), new HttpClient() ); // user.VaultUrl is the address of my key vault // e.g., https: