Getting Delay in Response from KeyVault

Rahul Kapoor 21 Reputation points
2020-12-22T12:03:55.24+00:00

Hello
Hope everyone is doing well.

I will mention brief details about the project. So our code is based on Java SpringBoot and the code is used for fetching access token.
So first it will fetch the HMACSecret and Certificate from KeyVault, then fetches the Access token for the client.

But the problem is, when the code tries to connect to Key-Vault twice, both for HMACSecret and Certificate, it takes around 2 mins for each request. Which makes the response time of a single request to more than 4 mins.

Also to be noted, same code is deployed in 2 environments, out of which, one is working absolutely fine. There is few milliseconds delay only.

We have checked all configurations from server side, as well as cloud side . Both environments have some configs.
Just coudn't isolate the issue

Please find dummy error snippet - Notice the TimeStamp jump of 2 mins

19:08:00:680 DEBUG -  ! R:DUMMY.vault.azure.net/ip:443] Non Removed handler: azureWriteTimeoutHandler, context: null, pipeline: DefaultChannelPipeline{(reactor.left.sslHandler = io.netty.handler.ssl.SslHandler), (reactor.left.httpCodec = io.netty.handler.codec.http.HttpClientCodec), (azureReadTimeoutHandler = com.azure.core.http.netty.implementation.ReadTimeoutHandler), (reactor.right.reactiveBridge = reactor.netty.channel.ChannelOperationsHandler)}
19:08:00:680 DEBUG -  ! R:DUMMY.vault.azure.net/ip:443] Non Removed handler: azureResponseTimeoutHandler, context: null, pipeline: DefaultChannelPipeline{(reactor.left.sslHandler = io.netty.handler.ssl.SslHandler), (reactor.left.httpCodec = io.netty.handler.codec.http.HttpClientCodec), (azureReadTimeoutHandler = com.azure.core.http.netty.implementation.ReadTimeoutHandler), (reactor.right.reactiveBridge = reactor.netty.channel.ChannelOperationsHandler)}
19:08:00:681 DEBUG -  ! R:DUMMY.vault.azure.net/ip:443] Non Removed handler: azureReadTimeoutHandler, context: ChannelHandlerContext(azureReadTimeoutHandler, [id: , L:/IP:Port ! R:DUMMY.vault.azure.net/IP:443]), pipeline: DefaultChannelPipeline{(reactor.left.sslHandler = io.netty.handler.ssl.SslHandler), (reactor.left.httpCodec = io.netty.handler.codec.http.HttpClientCodec), (azureReadTimeoutHandler = com.azure.core.http.netty.implementation.ReadTimeoutHandler), (reactor.right.reactiveBridge = reactor.netty.channel.ChannelOperationsHandler)}
19:10:08:537  INFO - Azure Identity => Managed Identity environment: IMDS
19:10:08:538  INFO - Azure Identity => getToken() result for scopes [https://vault.azure.net/.default]: SUCCESS
19:10:08:539 DEBUG - Created a new pooled channel, now 1 active connections and 0 inactive connections
19:10:08:540 DEBUG - SSL enabled using engine SSLEngineImpl and SNI DUMMY.vault.azure.net:443

The above logs are generated while fetching secret from KeyVault.

Kindly help in debugging the issue. Please revert if any info is required.

Azure Key Vault
Azure Key Vault
An Azure service that is used to manage and protect cryptographic keys and other secrets used by cloud apps and services.
1,283 questions
{count} votes

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.