Microsoft.Azure.KeyVault.Models.KeyVaultErrorException: 'Operation returned an invalid status code 'BadRequest''

I am trying to get secrets from Azure Key Vault in a .NET 4.5 console app. I followed this tutorial, but I got a Bad Request error, as mentioned in the title. I have to mention that my console app is newly created, and I am using a clientId and clientSecret that belong to another .NET Core web API. That API is able to get secrets successfully, but that's not the case in my console app. Please find below the code I am using; the exception is thrown at the call to client.GetSecretAsync(vaultAddress, secretName):

    using System;
    using System.Threading.Tasks;
    using Microsoft.Azure.KeyVault;
    using Microsoft.IdentityModel.Clients.ActiveDirectory;

    class Program
    {
        static void Main(string[] args)
        {
            Console.WriteLine($"Secret Value from Vault is: {GetVaultValue()}");
            //DoVault();

            Console.ReadLine();
        }

        // Reads one secret from the vault, authenticating through the GetToken callback.
        static string GetVaultValue()
        {
            KeyVaultClient client = new KeyVaultClient(new KeyVaultClient.AuthenticationCallback(GetToken));
            var vaultAddress = "https://VaultName.vault.azure.net/";
            var secretName = "storageName:NameAccount";
            // The KeyVaultErrorException (BadRequest) is thrown by this call.
            var secret = client.GetSecretAsync(vaultAddress, secretName).GetAwaiter().GetResult();
            return secret.Value;
        }

        // Authentication callback: acquires an access token with the app's client credentials.
        static async Task<string> GetToken(string authority, string resource, string scope)
        {
            var clientId = "This-IS-ID";
            var clientSecret = "THIS-iS-my-Secret";
            ClientCredential credential = new ClientCredential(clientId, clientSecret);
            var context = new AuthenticationContext(authority, TokenCache.DefaultShared);
            var result = await context.AcquireTokenAsync(resource, credential);
            return result.AccessToken;
        }
    }

The secretName contains a colon : , which led to this error.

Based on my test, we are not allowed to include a colon in the key vault name:

Please check and correct it.
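
A pre-flight check for the name problem described above, as an added example that is not part of the original posts: Key Vault secret names are limited to 1-127 ASCII letters, digits and hyphens, so a name can be validated locally before GetSecretAsync is called. The class and method names are hypothetical, and replacing ':' with "--" follows the ASP.NET Core Key Vault configuration provider's convention; it assumes the secret is stored in the vault under that hyphenated name.

```csharp
using System;
using System.Text.RegularExpressions;

static class SecretNameCheck
{
    // Key Vault secret names: 1-127 characters, ASCII letters, digits and hyphens only.
    static readonly Regex ValidName = new Regex(@"\A[0-9a-zA-Z-]{1,127}\z");

    public static bool IsValidSecretName(string name)
    {
        return name != null && ValidName.IsMatch(name);
    }

    // Hypothetical helper: maps a hierarchical configuration key such as
    // "storageName:NameAccount" to a name Key Vault accepts by replacing ':'
    // with "--", and rejects anything that is still invalid afterwards.
    public static string ToSecretName(string configKey)
    {
        if (string.IsNullOrEmpty(configKey))
            throw new ArgumentException("Configuration key is empty.", nameof(configKey));

        string candidate = configKey.Replace(":", "--");
        if (!IsValidSecretName(candidate))
            throw new ArgumentException(
                $"'{configKey}' cannot be mapped to a valid Key Vault secret name.",
                nameof(configKey));
        return candidate;
    }

    static void Main()
    {
        // Constructed sample inputs; the first is the secret name from the question.
        string[] samples =
        {
            "storageName:NameAccount",
            "storageName--NameAccount",
            "storage_name",
            ""
        };
        foreach (string s in samples)
            Console.WriteLine($"{s,-28} valid={IsValidSecretName(s)}");

        // Name to request from the vault instead of the colon-separated key.
        Console.WriteLine(ToSecretName("storageName:NameAccount"));
    }
}
```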

For anyone who is still looking for an alternative solution: I had the same issue. In my case, the Pfx was expired. The same error occurs when the Pfx password is incorrect or the Pfx file has an invalid format.

If you try to add it manually in the Azure Key Vault import form, you may get this error:

The content of the specified PKCS#12 X.509 certificate cannot be read. Verify that the certificate is in valid PKCS#12 format and that the submitted password matches the certificate's export password.

I generated a new Pfx file with a non-expired date and that solved the issue.
