ECS: S3 request returns error 403 "Signature mismatch error" when using safe characters

Summary: S3 request returns HTTP Error 403. Correct credentials are being used. Error is seen when using "safe" characters in the object name, like underscore Signature mismatch error (403) when the underscore in the file name is encoded. ...

This article applies to This article does not apply to This article is not tied to any specific product. Not all product versions are identified in this article.
Check out other resources

Symptoms

A PUT request is sent to ECS, the request is denied showing "403 - unauthorized"
The object name contains a _ underscore or another safe character. 
GET requests are working properly.
For example, PUT requests from "SAS Viya" Application fail when using the underscore.

Example Request 403 Signature mismatch error:

2024-02-27 12:10:28,631 ac1f9511:189029ad365:357c84:389  123.45.xxx.xx:9021 172.31.xxx.xxx:9862 - htClient POST - sasviya-qa tmp_aaaaaaaa-bbbb-cccc-dddd-a3c2d3b40815_12345678.sashdat uploads HTTP/1.1 403 31 - - -1 - - - 123.xx.xx.xx 'X-Forwarded-For: 172.xx.xx.x'

svc_log confirms this is a signature mismatch:

svc_log -f "ac1f9511:189029ad365:357c84:389" -sr dataheadsvc -start 1d ago -sn -sf

169.254.1.2 2024-02-27T12:10:28,134 [qtp1758056339-124594-ac1f9511:189029ad365:357c84:389-s3-172.xx.xx.x] ERROR  S3V4Signer.java (line 302) Signature mismatch CalcSignature: 45753541dc729e7ebdbd2425e3a2fe8ab1f79f1e81b131409065e77f511e886b, ClientSignature: f5ed0ad93cdd67b58a1d93f24f0034b58e4bb29f0e54ecf6020db5b711ddba0a 

Cause

The application URL encodes all requests before sending the request to the target server. Therefore, the safe character is being replaced with its url value, like _ is being replaced with %5F. 

Resolution

The issue is fixed in release 3.8.x.
After the upgrade, a parameter must be set to allow safe characters. Reach out to Dell support to set this parameter.

Additional Information

Safe characters are:
Alphanumeric characters

  • 0-9

  • a-z

  • A-Z
Special characters

  • Exclamation point (!)

  • Hyphen (-)

  • Underscore (_)

  • Period (.)

  • Asterisk (*)

  • Single quote (')

  • Open parenthesis (()

  • Close parenthesis ())

Affected Products

ECS

Products

ECS Appliance Hardware Gen3 EX5000, ECS Appliance, ECS Appliance Gen 1, ECS Appliance Gen 2, ECS Appliance Gen 3, ECS Appliance Hardware Gen3 EX300, ECS Appliance Hardware Gen3 EX3000, ECS Appliance Hardware Gen1 U-Series , ECS Appliance Hardware Gen1 C-Series, ECS Appliance Hardware Gen2 C-Series, ECS Appliance Hardware Gen2 D-Series, ECS Appliance Hardware Gen2 U-Series, ECS Appliance Hardware Gen3 EX500, ECS Appliance Hardware Gen3 EXF900, ECS Appliance Hardware Series, ECS Appliance Software with Encryption, ECS Appliance Software without Encryption, ECS Software ...
Article Properties
Article Number: 000223857
Article Type: Solution
Last Modified: 10 Nov 2025
Version:  2
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.