App Service Cannot Access Key Vault with Managed Identity until Restarting

Description:
An Azure App Service was deployed 2 years ago. It could access Azure Key Vault with Managed Identity authentication and an Access Policy configuration, and it worked well over these years. This year, however, the functionality has failed several times, and once it fails, the App Service is not able to access the Key Vault, even though there is an internal retry mechanism, until the App Service is restarted.

Error:
Exception:ManagedIdentityCredential authentication failed: Retry failed after 4 tries. Retry settings can be adjusted in ClientOptions.Retry. (An error occurred while sending the request.) (No connection could be made because the target machine actively refused it.) (No connection could be made because the target machine actively refused it.) (No connection could be made because the target machine actively refused it.)
Retry failed after 4 tries. Retry settings can be adjusted in ClientOptions.Retry. (An error occurred while sending the request.) (No connection could be made because the target machine actively refused it.) (No connection could be made because the target machine actively refused it.) (No connection could be made because the target machine actively refused it.)
An error occurred while sending the request.
An error occurred while sending the request.
Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host..
An existing connection was forcibly closed by the remote host.

Question:

  1. Is the error related to Managed Identity or App Service?
  2. Is the error related to environment variables like MSI_ENDPOINT or MSI_SECRET?
  3. Does the error mean the auth request was even sent out of the App Service machine, or that the remote Managed Identity Authentication Center got the request but refused it?
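
A diagnostic sketch for questions 2 and 3, added here as an example and not part of the original post: run from inside the app, it reports whether the token endpoint variables are present, whether the endpoint's port accepts a TCP connection at all ("actively refused" is a TCP-level connection refusal), and whether the endpoint answers the token request with an HTTP status. Assumptions: the function name and result labels are hypothetical, and the `IDENTITY_ENDPOINT`/`IDENTITY_HEADER` pair (the newer counterpart of `MSI_ENDPOINT`/`MSI_SECRET`) is not mentioned on the page.

```python
import http.client
import os
import socket
import urllib.error
import urllib.parse
import urllib.request

RESOURCE = "https://vault.azure.net"  # Key Vault token audience

def probe_identity_endpoint(env=os.environ, timeout=3.0):
    """Return a label saying how far a managed identity token request gets."""
    # Newer variable pair first, then the older MSI_* pair named in the question.
    if env.get("IDENTITY_ENDPOINT") and env.get("IDENTITY_HEADER"):
        endpoint, secret = env["IDENTITY_ENDPOINT"], env["IDENTITY_HEADER"]
        header, api_version = "X-IDENTITY-HEADER", "2019-08-01"
    elif env.get("MSI_ENDPOINT") and env.get("MSI_SECRET"):
        endpoint, secret = env["MSI_ENDPOINT"], env["MSI_SECRET"]
        header, api_version = "secret", "2017-09-01"
    else:
        return "env-missing"

    # Step 1: TCP connect only. A refusal here means nothing is listening on the
    # endpoint's host:port, so no HTTP request was delivered to a token service.
    url = urllib.parse.urlsplit(endpoint)
    port = url.port or (443 if url.scheme == "https" else 80)
    try:
        socket.create_connection((url.hostname, port), timeout=timeout).close()
    except ConnectionRefusedError:
        return "tcp-refused"
    except OSError:
        return "tcp-unreachable"

    # Step 2: real token request. Only the status is reported; the secret and
    # any token in the response body are never printed or returned.
    query = urllib.parse.urlencode({"resource": RESOURCE, "api-version": api_version})
    request = urllib.request.Request(f"{endpoint}?{query}", headers={header: secret})
    opener = urllib.request.build_opener(urllib.request.ProxyHandler({}))  # no proxy
    try:
        with opener.open(request, timeout=timeout) as response:
            return f"http-{response.status}"
    except urllib.error.HTTPError as exc:
        return f"http-{exc.code}"  # endpoint answered and rejected the request
    except (urllib.error.URLError, http.client.HTTPException, OSError):
        return "http-transport-error"  # connection dropped mid-request

if __name__ == "__main__":
    print(probe_identity_endpoint())
```

Logging this label next to the `ManagedIdentityCredential` exception at failure time separates a missing configuration, a token endpoint that is not listening, and an endpoint that answers but rejects the request.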
