Share via

Facing SSL connection could not be established issue when get a secret from Azure KeyVault

Jason Liu 劉騏鋕 (jasonliu) 5 Reputation points
2023-12-20T07:14:17.0266667+00:00

Hello there,

It looks like an unexpected issue in my local develop box when accessing KeyVault.

Is there anything will cause this problem ? thank you.

My device:

  • Windows 10 Enterprise 22H2
  • Installed .NET SDK Version
    • 3.1.416
      • 6.0.403
        • 8.0.100

User's image

System.AggregateException
  HResult=0x80131500
  Message=Retry failed after 4 tries. Retry settings can be adjusted in ClientOptions.Retry or by configuring a custom retry policy in ClientOptions.RetryPolicy. (The SSL connection could not be established, see inner exception.) (The SSL connection could not be established, see inner exception.) (The SSL connection could not be established, see inner exception.) (The SSL connection could not be established, see inner exception.)
  Source=Azure.Core
  StackTrace:
   at Azure.Core.Pipeline.RetryPolicy.<ProcessAsync>d__5.MoveNext()
   at Azure.Core.Pipeline.HttpPipeline.<SendRequestAsync>d__18.MoveNext()
   at Azure.Security.KeyVault.KeyVaultPipeline.<SendRequestAsync>d__29.MoveNext()
   at Azure.Security.KeyVault.KeyVaultPipeline.<SendRequestAsync>d__21`1.MoveNext()
   at Azure.Security.KeyVault.Secrets.SecretClient.<GetSecretAsync>d__8.MoveNext()
   at Program.<<Main>$>d__0.MoveNext() in C:\Users\jasonliu\source\repos\AzureKeyVaultTest\Program.cs:line 12
   at Program.<Main>(String[] args)

Inner Exception 1:
RequestFailedException: The SSL connection could not be established, see inner exception.
Azure Key Vault
Azure Key Vault
An Azure service that is used to manage and protect cryptographic keys and other secrets used by cloud apps and services.
1,448 questions
Developer technologies .NET Other
0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Akshay-MSFT 17,951 Reputation points Microsoft Employee Moderator
    2023-12-20T11:05:39.3433333+00:00

    @Jason Liu 劉騏鋕 (jasonliu)

    Thank you for posting your issue on Microsoft Q&A, from above description it looks like you are getting an SSL validation failure from Azure Core services (not KeyVault) while trying to fetch a certificate from your Vault.

    Please do correct me if this is not an issue by responding in the comments.

    I tried running same in Visual studio code and Visual studio template and this seems to be an SSL enabling issue in your local project. As per Run, debug, and make changes

    Close Visual Studio and then relaunch the program as an administrator. You can do this task by right-clicking the Visual Studio icon from the Start Menu, and then selecting the Run as administrator option from the context menu. You might also get a message that asks if you want to accept an IIS SSL Express certificate. To view the code in a web browser, select Yes, and then select Yes if you receive a follow-up security warning message.

    Or you must try following: How to Enable SSL in Visual Studio for a .NET Project

    Or

    This may a network configuration issue on Azure KeyVault:

    You must have configured Disable public network or allow public access from specific virtual networks and IP addresses.

    And for any source the IP must be whitelisted.

    User's image

    Thanks,

    Akshay Kaushik

    Please "Accept the answer (Yes)" and "share your feedback ". This will help us and others in the community as well.

  2. Jason Liu 劉騏鋕 (jasonliu) 5 Reputation points
    2023-12-22T06:08:19.99+00:00

    Hello Akshay,

    The issue is resolved by adding private endpoint in our Azure KeyVault service.

    Again, thanks for your help.

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.