PowerProtect: Replacing Custom Certificate Errors with Data Encipherment Check Failure.
Summary: There is an error displayed while replacing a custom certificate on the PowerProtect Data Manager server.
This article applies to
This article does not apply to
This article is not tied to any specific product.
Not all product versions are identified in this article.
Symptoms
On PowerProtect Data Manager version 19.18.0-14 and 19.18.0-17, while replacing a custom SSL certificate the following error message is returned:
400: Certificate has critical Key Usages but missing one or more of the required PPDM Key Usages: Digital Signature, Data Encipherment.
Include certificate without critical key usage, or else certificate must include the following required key usage: Digital Signature, Data Encipherment.
Cause
In PowerProtect Data Manager version 19.18.0-14 and 19.18.0-17, there is a check added. If Key Usage extension is marked as critical, then key usage values Digital Signature and Data Encipherment must be present.
For public SSL certificates, the key usage typically includes digitalSignature and keyEncipherment, but not dataEncipherment.
Resolution
The check for Data Encipherment has been removed from PowerProtect Data Manager v19.18.0-23 onwards.
Affected Products
PowerProtect Data Manager, PowerProtect Data Manager EssentialsArticle Properties
Article Number: 000283675
Article Type: Solution
Last Modified: 02 Sep 2025
Version: 3
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.