ECS: OBS: Default Certificate Modified to Include New Node After Extension Causes Data Unavailability

Summary: After a node extension, the default data head self-signed server certificate is regenerated to include the new node in its Subject Alternative Name (SAN). This change causes clients to reject the updated certificate, resulting in data becoming unavailable. ...

This article applies to This article does not apply to This article is not tied to any specific product. Not all product versions are identified in this article.
Check out other resources

Symptoms

After a node extension, the default data head self-signed server certificate is regenerated to include the new node in its Subject Alternative Name (SAN). This change causes clients to reject the updated certificate, resulting in data becoming unavailable.

Cause

If the user does not configure the Data Head service server certificate and rely on the product’s default self-signed leaf certificate, then after a node extension the default certificate is replaced. This change breaks client trust, resulting in data becoming unavailable.

Resolution

The user must upload a valid certificate signed by their Certificate Authority (CA). Refer to the OBS Administrative Guide Certificates chapter for the required steps.

Affected Products

ECS Appliance, ECS Appliance Hardware Series, ECS Appliance Software with Encryption, ECS Appliance Software without Encryption, ObjectScale Appliance Series, ObjectScale Software Series
Article Properties
Article Number: 000404206
Article Type: Solution
Last Modified: 16 Apr 2026
Version:  1
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.