/scripts/ahub.form.attachments.js
0

XS Advanced Internal Server Error

May 04, 2017 at 09:25 AM

1.9k

avatar image

Hi,

I am using HXE 20 SP01 and I am getting an "Internal Server Error" when trying to login in XS Advanced.

This error occurs in xsa-admin (port 51015) and webide (port 53075). Both apps are running. Login screen appears. After login (user XSA_ADMIN or XSA_DEV) the message "Internal Server Error" appears. User XSA_ADMIN and XSA_DEV are correct, login with HANA studio is possible.

It worked two days ago. In the meanwhile I installed smart data streaming.

BTW: This is can be reproduced. Same story on two different host/vm combinations.

What can I do to tackle the issue?

Thanks Klaus

10 |10000 characters needed characters left characters exceeded
Former Member

Hi ,

I am facing the same issue after installation hana 2.0 SP01 I am not able to login the XSA_admin , Login page is coming but after that the message "Internal Server Error" is coming , All my services are running fine, and one more thing I have observer is After installation of hana 2.0 SP01 XSA_ADMIN user is not listing in the user list ,Any idea what I have to do ?

Thanks

Anshul

0
* Please Login or Register to Answer, Follow or Comment.

12 Answers

Best Answer
avatar image
Former Member May 09, 2017 at 03:13 PM
1

It seams XSA is not trusting it own certificate...

For me following solved the problem:

  1. Open the login page (UAA), download the certificate with your browser (as base64 coded X.509).
  2. Upload the certificate to the server
  3. Import the certificate to the trust store with following command
  4. xs trust-certificate <ALIAS> -c <CERT_FILE> [-u HTTP|JDBC]
    

    (https://help.sap.com/viewer/4505d0bdaf4948449b7f7379d24d0f0d/2.0.01/en-US/860394705c894162847cf4e3bda70c7a.html )
  5. Reboot Server (or restart the SAP XS Controller)


Now everything is working again, hopefully...

Show 3 Share
10 |10000 characters needed characters left characters exceeded

Thanks for the answer. This solves the problem!!!

If this is of interest for others: One detail is important in step 1: the download has to be in format "Base-64-codiert X.509" (and not "DER-codiert X.509")

Otherwise there will be an error in step 4 "Failed to read X509 root certificate for trusted certificate entity"

Thanks again.

1
Former Member

You are welcome, but this is only a workaround, I don't know why and when this problem will occur again.

Maybe Former Member could open a ticket so the SAP can investigate and remove the cause of the problem.

0

for step 1 how to download certificate?

0
avatar image
Former Member
May 04, 2017 at 09:05 PM
1

Hi Klaus,

Can you try clearing the cache memory in your web browser and try logging in again ? Sometimes cache memory in the browser can create some problems like this!

Thanks!

Show 2 Share
10 |10000 characters needed characters left characters exceeded

Hi,

of course I tried this. Also different Browser Chrome, Edge, IE. Here a screenshot with Firefox that I used the very first time, definitely no cache at all.

Thanks, Klaus

0
Former Member

I just did a fresh install of HANA 2.0 SPS1 and deployed the XSA and default apps. I am getting the same error.

I imported the certificate but it did not resolve the issue.

xsa-logs show:

Connected, tailing logs for app "xsa-admin"... 5/26/17 4:20:13.000 PM [RTR] OUT 10.47.211.157 - - to <host>:51020 "GET / HTTP/1.1" 302 sent 5 in 4 by 00F-1a64a82f-82ca-4cfd-a53a-7c494be956c2 5/26/17 4:20:13.000 PM [RTR] OUT 10.47.211.157 - - to <host>:51020 "GET /index.html HTTP/1.1" 302 sent 0 in 3 by 00F-1a64a82f-82ca-4cfd-a53a-7c494be956c2 5/26/17 4:20:13.000 PM [RTR] OUT 10.47.211.157 - - to <host>:51020 "GET /login/callback?code=Hunb2o HTTP/1.1" 500 sent 32 in 287 by 00F-1a64a82f-82ca-4cfd-a53a-7c494be956c2 5/26/17 4:20:13.601 PM [APP/2-3] SYS #2.0#2017 05 26 16:20:13:601#-04:00#INFO#/Auth/OAuth2#########8qh_F-Zd7PA4podJKGP7-kkviWxkeEXJ######j36akhb3#PLAIN##sending redirect to https://<host>:38032/uaa-security/oauth/authorize?response_type=code&client_id=sb-admin&redirect_uri=https%3A%2F%2F<host>%3A51020%2Flogin%2Fcallback# 5/26/17 4:20:13.989 PM [APP/2-3] SYS #2.0#2017 05 26 16:20:13:988#-04:00#ERROR#/Handler#########HZTc1agvW2g7EhkhMpZYVPbmG3FpQond######j36akhdz#PLAIN##GET request to /login/callback?code=Hunb2o completed with status 500 - Could not authenticate with UAA: Could not obtain access token: request to UAA at https://<host>:38032/uaa-security/oauth/token failed: self signed certificate (connecting to localhost:0)# 5/26/17 4:20:14.000 PM [RTR] OUT 10.47.211.157 - - to <host>:51020 "GET /favicon.ico HTTP/1.1" 302 sent 0 in 3 by 00F-1a64a82f-82ca-4cfd-a53a-7c494be956c2 5/26/17 4:20:14.000 PM [RTR] OUT 10.47.211.157 - - to <host>:51020 "GET /login/callback?code=YenT87 HTTP/1.1" 500 sent 32 in 284 by 00F-1a64a82f-82ca-4cfd-a53a-7c494be956c2 5/26/17 4:20:14.006 PM [APP/2-3] SYS #2.0#2017 05 26 16:20:14:006#-04:00#INFO#/Auth/OAuth2#########1nTKxBciWCGE77I7xE-tCHhGrPCm4lys######j36akhmc#PLAIN##sending redirect to https://<host>:38032/uaa-security/oauth/authorize?response_type=code&client_id=sb-admin&redirect_uri=https%3A%2F%2F<host>%3A51020%2Flogin%2Fcallback# 5/26/17 4:20:14.350 PM [APP/2-3] SYS #2.0#2017 05 26 16:20:14:348#-04:00#ERROR#/Handler#########bThJwbR7gs4AatN_c16bWhBQHSPSV0Rg######j36akho3#PLAIN##GET request to /login/callback?code=YenT87 completed with status 500 - Could not authenticate with UAA: Could not obtain access token: request to UAA at https://<host>:38032/uaa-security/oauth/token failed: self signed certificate (connecting to localhost:0)#

0
avatar image
Former Member May 09, 2017 at 02:51 PM
0

Same problem here, the logs say:

5/9/17 4:48:45.000 PM [RTR] OUT    10.242.73.193 - - to server.de:53075 "GET /login/callback?code=Pnjadn HTTP/1.1" 500 sent 32 in 12 by 00M-d9b58fc6-e672-4257-b67d-2405983daa74
5/9/17 4:48:45.178 PM [APP/2-0] SYS    #2.0#2017 05 09 16:48:45:177#+02:00#ERROR#/Handler#########cw_oP-iMINVtBl1mc-6iL_11nTDJF4xz######j2ho8pyn#PLAIN##GET request to /login/callback?code=Pnjadn completed with status 500 - Could not authenticate with UAA: Could not obtain access token: request to UAA at https://server.de:39032/uaa-security/oauth/token failed: self signed certificate (connecting to server.de:39032)#
Show 4 Share
10 |10000 characters needed characters left characters exceeded
Former Member

does Matthias' solution work for you?

0
Former Member

Not working for my environment...

0
Former Member

@xuelian.song

seems only to work for some days, but maybe this error is caused by an unsupported operating system.

Has somebody this problem on SLES? What setup are you using @klaus.freyburger ?

0
Former Member

I have the issue on SLES 12 SP1

0
Rudi Leibbrandt
Jun 01, 2017 at 06:20 AM
0

Could you try this?

Use different browsers for WebIDE and Cockpit. I suspect that navigating to WebIDE after signing in to Cockpit will attempt to log you in to WebIDE with XS_ADMIN, or, some session variables, local cookies are not being cleared properly.

Clear caches on both first - I've just tried this. When using the same browser, logging in to cockpit, and then trying to use WebIDE, I get the same behavior.

So, I use Chrome for WebIDE, and Safari for Cockpit..

Share
10 |10000 characters needed characters left characters exceeded
avatar image
Former Member
Jun 12, 2017 at 03:13 PM
0

Hi Klaus,

Have you got chance to try the solution by clearing the cache?

Thanks!

Yiqing

Show 1 Share
10 |10000 characters needed characters left characters exceeded

did not work for me. Please see my comment of May 5th on Raghavis answer.

0
avatar image
Former Member
Jun 27, 2017 at 02:10 AM
0

Hi Klaus,

I saw the same issue while trying to login with xsa_admin user for the first time. All the browsers show the same error.

Checked with other colleagues, and got the solution for this. It worked for me, you can check your installation.

During the HXE installation process, it will ask for the local host name. And this host name should be the same with the one you used to login.

In my case, I installed HXE with short host name "xiyl50917298a", while login it using full name "xiyl50917298a.apj.global.***", then we saw the issue.

You should make sure both the host names are the same. Just for your information!

Regards,

Hubery

Share
10 |10000 characters needed characters left characters exceeded
avatar image
Former Member Aug 04, 2017 at 02:16 PM
0

We opened a SAP Ticket and still can not get a solution from support after 2 months. We have deployed 4 independent HANA 2.0 SPS1 environments with xsa and all the default apps. In all environment, we experience the exact same issue. When we enter the URL for XSA-ADMIN we are redirected to the logon. After enterning the XSA_ADMIN credentials, we are redirected to a page stating Internal Server Error.

From the xs CLI, I started a log tail on the xsa-admin service and if records multiple UAA related errors:

completed with status 500 - Could not authenticate with UAA: Could not obtain access token: request to UAA at https://<host_name>:38032/uaa-security/oauth/token failed: self signed certificate (connecting to localhost:0)

Share
10 |10000 characters needed characters left characters exceeded
avatar image
Former Member
Oct 18, 2017 at 06:38 AM
0

I am facing the same issue today. I cannot logon to Web IDE for HANA (using xsuaa), get this error message "Internal Server Error".

Luckily I am able to logon on CLI level using the "correct" certificate. So I would exclude an isse with the certificates.

Any solution for that in the meantime?

thanks

Wolfgang

Share
10 |10000 characters needed characters left characters exceeded
avatar image
Former Member Jan 18 at 07:30 AM
0

At first I met the same issue as you said and I did the fellowing steps

  1. Upload the certificate to the server
  2. Import the certificate to the trust store with following command
  3. clearing the cache memory
  4. restart the HDB
Share
10 |10000 characters needed characters left characters exceeded
avatar image
Former Member
Jan 23 at 01:51 AM
0

I have same error. Wheredo you find out the URL to UAA to download the certificate? My instance # is 50.

Share
10 |10000 characters needed characters left characters exceeded
Skip to Content