Data Domain: Enterprise System Manager UI inaccessible after DDOS 7.x upgrade
Summary: Data Domain Enterprise Manager (DDEM) / System Manager graphical user interface (GUI) is not accessible after upgrading to DDOS 7.x
This article applies to
This article does not apply to
This article is not tied to any specific product.
Not all product versions are identified in this article.
Symptoms
Data Domain Enterprise Manager (DDEM) / System Manager graphical user interface (GUI) is not accessible after upgrading to DDOS 7.x. It will reported DDSM service is not available.
Following error will be reported in em.info file
Following error will be reported in em.info file
#log view debug/sm/em.info 12 Apr 2021 20:21:40,536 INFO [main] SMS is running in secure (HTTPS) mode. 12 Apr 2021 20:21:40,817 INFO [main] *** Creating mutual auth connection manager, max connections: 45, max connections per host: 2 12 Apr 2021 20:21:40,839 INFO [main] *** Creating no mutual auth connection manager, max connections: 1, max connections per host: 1 12 Apr 2021 20:21:40,839 INFO [main] *** Creating Http Client with connectTimeout: 30000, socketTimeout: 120000, connectionManagerTimeout: 30000 12 Apr 2021 20:21:40,916 INFO [main] *** Creating Http Client with connectTimeout: 30000, socketTimeout: 120000, connectionManagerTimeout: 30000 12 Apr 2021 20:21:41,217 INFO [main] Re-initializing the certificates between the client and the server 12 Apr 2021 20:21:41,217 INFO [main] Reloading the certificate stores for the system 12 Apr 2021 20:21:41,228 INFO [main] Finished reloading the certificate stores 12 Apr 2021 20:21:41,229 ERROR [main] Exception during command execution: javax.net.ssl.SSLException - Error creating premaster secret. , will retry, Attempt# 1 12 Apr 2021 20:21:41,380 INFO [main] Re-initializing the certificates between the client and the server 12 Apr 2021 20:21:41,381 INFO [main] Reloading the certificate stores for the system 12 Apr 2021 20:21:41,397 INFO [main] Finished reloading the certificate stores
Cause
Since DDOS 6.0, the key-length for the certificate which GUI uses by default is 2048. Whereas in DDOS 5.x versions, key-strength was 1024-bit. Key-length was increased to 2048.
DDOS 7.x enforces this key-strength as part of enhanced security hardening
DDOS 7.x enforces this key-strength as part of enhanced security hardening
Resolution
For system using default self signed certificates
Step 1:
- If you have determined that we are hitting the issue in this KB by checking em.info, then follow steps in this KB to regenerate new CA cert:
- Data Domain: Web UI Inaccessible Due to Expired https Certificate
Step 1:
- Log in to the DD via the CLI as "sysadmin" or equivalent user, and turn to "SE privilege mode"
NOTE: SE commands have been deprecated in DDOS versions 7.7.5.25, 7.10.1.15, 7.13.0.15, 6.2.1.110 and above and are accessible only by Dell employees
- Delete current certificate used
# adminaccess certificate delete imported-host application https
- Now follow steps in this KB to generate a new self signed CA certificate
- Data Domain: Web UI Inaccessible Due to Expired https Certificate
- To get a new externally signed cert imported, use this KB:
- Data Domain: How to Generate a Certificate Signing Request and Use Externally Signed Certificates
Affected Products
Data DomainArticle Properties
Article Number: 000185217
Article Type: Solution
Last Modified: 04 Sept 2025
Version: 9
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.