Reputation: 61
Azure Keyvault stopped working on IIS hosted site
Hi I have a question regarding Azure keyvault and IIS. So our server provider did an windows patch: 2021-04 Cumulative Update for Windows Server 2016 for x64-based Systems (KB5001347) 2021-04 Servicing Stack Update for Windows Server 2016 for x64-based Systems (KB5001402)
After this windows patch and restart of server our fetch from web.config to keyvault in Azure stopped to work.
When IIS is starting our app it can not find Microsoft.Configuration.ConfigurationBuilders.Azure Even if the DLL is located in the bin folder.
One other important thing to mention is that our connectionStrings to the database that are located in their own file connectionstrings.config are working great with Azure Keyvault.
Our windows services on the same machine are also working great with Azure Keyvault.
So the issue is only affecting our appsettings section in our web.config. We have tried to add the bin folder to privatePath in the web.config, that didnt help
<assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
<probing privatePath="bin;modulesbin"/>
This works great on our STAGING machine which has the same windows updates and uses the same configs. Does anyone have a clue what we can do next? What we are using:
System.Configuration.ConfigurationBuildersSection, System.Configuration, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
<configBuilders>
<builders>
<add name="AzureKeyVault" vaultName=somevaultname"
type="Microsoft.Configuration.ConfigurationBuilders.AzureKeyVaultConfigBuilder, Microsoft.Configuration.ConfigurationBuilders.Azure, Version=1.0.0.0, Culture=neutral"
vaultUri="somevaulturi"/>
</builders>
</configBuilders>
Thanks for any help
Edit: We have now installed newer Azure dlls. Installed Azure CLI on server. We hare now using AZURE_TENANT_ID, AZURE_CLIENT_SECRET, AZURE_CLIENT_ID instead of AzureServicesAuthConnectionString in the environment variables.
After reboot, the webapp, services, connectionstring stopped working. Error message in Event viewer: Exception message: An error occurred loading a configuration file: The specified user does not have a valid profile. Unable to load 'Microsoft.Configuration.ConfigurationBuilders.Azure
Everything still work as expected on our stage server.
Upvotes: 4
Views: 516
Answers (1)
Reputation: 61
AZURE_TENANT_ID was added correctly under Administrator environment variables but under system environment variables it was added with AZURE_TENTANT_ID (one t too much) Such a typo. All good now.
Upvotes: 2
Related Questions
- Azure KeyVault throws 401 unauthorized error but the response still has 200 status and correct data
- KeyVaultClient throws FatalExecutionEngineError on debug randomly
- Azure Keyvault Local Issues
- HTTP Error 500.30 Azure.RequestFailedException
- Sudden System.Net.Http.HttpRequestException with Azure KeyVault
- KeyVaultErrorException: Operation returned an invalid status code 'Forbidden'
- Can't access KeyVault when running in Visual Studio
- Exception raised while accessing keyvault in Azure through C#
- Azure C# KeyVaultErrorException: Operation returned an invalid status code 'Forbidden'
- Problem with configuring Azure KeyVault in ASP.net app