0
votes

I am trying to connect to key vault using Using Client Id & Certificate. I am getting an error. My code was working before adding the .ConfigureAppConfiguration part in Program.cs. Not sure how to summarise the whole process because it's been very lengthy (I have mostly followed a tutorial called "How to securely store and load secrets using Azure Key Vault in .NET Core (using a certificate)" on youtube). Shall I summarise the steps I took at the end of my question? (I have documented them in a 40 page Word document.)

Below is a copy of my Program.cs class (the error is triggered right after builder.AddAzureKeyVault):

    public class Program
    {
        public static void Main(string[] args)
        {
            CreateHostBuilder(args).Build().Run();
        }

        public IConfiguration Configuration { get; set; }

        public static IHostBuilder CreateHostBuilder(string[] args) =>
            Host.CreateDefaultBuilder(args)
                .ConfigureAppConfiguration(builder =>
                {
                    var configuration = new ConfigurationBuilder().AddJsonFile("appsettings.json").Build();
                    var vaultName = configuration.GetSection("KeyVault").GetSection("Vault").Value;
                    builder.AddAzureKeyVault($"https//{vaultName}.vault.azure.net/",
                    configuration.GetSection("KeyVault").GetSection("ClientId").Value,
CertificateHelper.GetCertificate(configuration.GetSection("KeyVault").GetSection("Thumbprint").Value),
                        new PrefixKeyVaultSecretManager("PrefixOfMySecret"));
                })
                .ConfigureWebHostDefaults(webBuilder =>
                {
                    webBuilder.UseStartup<Startup>();
                });
    }

The error is this (about UriFormat, but I can't figure out which Uri it is).

System.UriFormatException HResult=0x80131537 Message=Invalid URI: The format of the URI could not be determined.
Source=System.Private.Uri StackTrace: at System.Uri.CreateThis(String uri, Boolean dontEscape, UriKind uriKind) at System.Uri..ctor(String uriString) at Microsoft.Azure.KeyVault.KeyVaultClient.d__66.MoveNext() at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) etc etc

What would you say it seems to be related to?

Which Uri and once identified should I try to access it manually? Thank you.

PS. If it's related to $"https//{vaultName}.vault.azure.net/", should I be able to open this in my browser: http://https//my-keyvault.vault.azure.net/? If I try, I get a "this site cannot be reached" error.

1

1 Answers

0
votes

The uri in your code is incorrect, missing a : character after "https". It should be:

https://{vaultName}.vault.azure.net/

You can also open this uri in your browser, please input https://{vaultName}.vault.azure.net/ into your browser but not http://https//my-keyvault.vault.azure.net/. It will not show "this site cannot be reached", it will show "You do not have permission to view this directory or page using the credentials that you supplied".