on 05-04-2017 10:25 AM
Hi,
I am using HXE 20 SP01 and I am getting an "Internal Server Error" when trying to login in XS Advanced.
This error occurs in xsa-admin (port 51015) and webide (port 53075). Both apps are running. Login screen appears. After login (user XSA_ADMIN or XSA_DEV) the message "Internal Server Error" appears. User XSA_ADMIN and XSA_DEV are correct, login with HANA studio is possible.
It worked two days ago. In the meanwhile I installed smart data streaming.
BTW: This is can be reproduced. Same story on two different host/vm combinations.
What can I do to tackle the issue?
Thanks Klaus
It seams XSA is not trusting it own certificate...
For me following solved the problem:
xs trust-certificate <ALIAS> -c <CERT_FILE> [-u HTTP|JDBC]
Now everything is working again, hopefully...
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Thanks for the answer. This solves the problem!!!
If this is of interest for others: One detail is important in step 1: the download has to be in format "Base-64-codiert X.509" (and not "DER-codiert X.509")
Otherwise there will be an error in step 4 "Failed to read X509 root certificate for trusted certificate entity"
Thanks again.
Hi All,
I recently faced the same issue and it was solved using the SAP Note 2243019. While installing the cockpit, XS advanced uses a self-signed server certificate at the platform router which expires in one year.
An expired server certificate for the XS advanced default domain or a bad certificate configuration might prevent the xscontroller service from starting. As a solution, log in at the HANA system as <sid>adm user and issue the following command:
XSA reset-certificate
Above will re-create a new self-signed certificate with new validity and you will be able to login again. Hope this would help.
You can use a custom certificate or renew the default certificate to update validity of the certificate
Regards,
Pankaj
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Same problem here, the logs say:
5/9/17 4:48:45.000 PM [RTR] OUT 10.242.73.193 - - to server.de:53075 "GET /login/callback?code=Pnjadn HTTP/1.1" 500 sent 32 in 12 by 00M-d9b58fc6-e672-4257-b67d-2405983daa74
5/9/17 4:48:45.178 PM [APP/2-0] SYS #2.0#2017 05 09 16:48:45:177#+02:00#ERROR#/Handler#########cw_oP-iMINVtBl1mc-6iL_11nTDJF4xz######j2ho8pyn#PLAIN##GET request to /login/callback?code=Pnjadn completed with status 500 - Could not authenticate with UAA: Could not obtain access token: request to UAA at https://server.de:39032/uaa-security/oauth/token failed: self signed certificate (connecting to server.de:39032)#
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Klaus,
Can you try clearing the cache memory in your web browser and try logging in again ? Sometimes cache memory in the browser can create some problems like this!
Thanks!
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
I just did a fresh install of HANA 2.0 SPS1 and deployed the XSA and default apps. I am getting the same error.
I imported the certificate but it did not resolve the issue.
xsa-logs show:
Connected, tailing logs for app "xsa-admin"... 5/26/17 4:20:13.000 PM [RTR] OUT 10.47.211.157 - - to <host>:51020 "GET / HTTP/1.1" 302 sent 5 in 4 by 00F-1a64a82f-82ca-4cfd-a53a-7c494be956c2 5/26/17 4:20:13.000 PM [RTR] OUT 10.47.211.157 - - to <host>:51020 "GET /index.html HTTP/1.1" 302 sent 0 in 3 by 00F-1a64a82f-82ca-4cfd-a53a-7c494be956c2 5/26/17 4:20:13.000 PM [RTR] OUT 10.47.211.157 - - to <host>:51020 "GET /login/callback?code=Hunb2o HTTP/1.1" 500 sent 32 in 287 by 00F-1a64a82f-82ca-4cfd-a53a-7c494be956c2 5/26/17 4:20:13.601 PM [APP/2-3] SYS #2.0#2017 05 26 16:20:13:601#-04:00#INFO#/Auth/OAuth2#########8qh_F-Zd7PA4podJKGP7-kkviWxkeEXJ######j36akhb3#PLAIN##sending redirect to https://<host>:38032/uaa-security/oauth/authorize?response_type=code&client_id=sb-admin&redirect_uri... 5/26/17 4:20:13.989 PM [APP/2-3] SYS #2.0#2017 05 26 16:20:13:988#-04:00#ERROR#/Handler#########HZTc1agvW2g7EhkhMpZYVPbmG3FpQond######j36akhdz#PLAIN##GET request to /login/callback?code=Hunb2o completed with status 500 - Could not authenticate with UAA: Could not obtain access token: request to UAA at https://<host>:38032/uaa-security/oauth/token failed: self signed certificate (connecting to localhost:0)# 5/26/17 4:20:14.000 PM [RTR] OUT 10.47.211.157 - - to <host>:51020 "GET /favicon.ico HTTP/1.1" 302 sent 0 in 3 by 00F-1a64a82f-82ca-4cfd-a53a-7c494be956c2 5/26/17 4:20:14.000 PM [RTR] OUT 10.47.211.157 - - to <host>:51020 "GET /login/callback?code=YenT87 HTTP/1.1" 500 sent 32 in 284 by 00F-1a64a82f-82ca-4cfd-a53a-7c494be956c2 5/26/17 4:20:14.006 PM [APP/2-3] SYS #2.0#2017 05 26 16:20:14:006#-04:00#INFO#/Auth/OAuth2#########1nTKxBciWCGE77I7xE-tCHhGrPCm4lys######j36akhmc#PLAIN##sending redirect to https://<host>:38032/uaa-security/oauth/authorize?response_type=code&client_id=sb-admin&redirect_uri... 5/26/17 4:20:14.350 PM [APP/2-3] SYS #2.0#2017 05 26 16:20:14:348#-04:00#ERROR#/Handler#########bThJwbR7gs4AatN_c16bWhBQHSPSV0Rg######j36akho3#PLAIN##GET request to /login/callback?code=YenT87 completed with status 500 - Could not authenticate with UAA: Could not obtain access token: request to UAA at https://<host>:38032/uaa-security/oauth/token failed: self signed certificate (connecting to localhost:0)#
In case of HXE (SAP HANA, express edition) I used the command
XSA reset-certificate
without the need to download and upload certificates.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
I set up a new instance of HANA Express @ AWS and I am facing again that issue.
1) I already downloaded the certificate
2) I uploaded the certificate to the Server. In which Directory do I have to upload the certificate?????
3) I added successfully the certificate to the trusted store
4) I am not able to restart XS Engine, because I lost Connection
And now?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
I have same error. Wheredo you find out the URL to UAA to download the certificate? My instance # is 50.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
At first I met the same issue as you said and I did the fellowing steps
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
I am facing the same issue today. I cannot logon to Web IDE for HANA (using xsuaa), get this error message "Internal Server Error".
Luckily I am able to logon on CLI level using the "correct" certificate. So I would exclude an isse with the certificates.
Any solution for that in the meantime?
thanks
Wolfgang
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
We opened a SAP Ticket and still can not get a solution from support after 2 months. We have deployed 4 independent HANA 2.0 SPS1 environments with xsa and all the default apps. In all environment, we experience the exact same issue. When we enter the URL for XSA-ADMIN we are redirected to the logon. After enterning the XSA_ADMIN credentials, we are redirected to a page stating Internal Server Error.
From the xs CLI, I started a log tail on the xsa-admin service and if records multiple UAA related errors:
completed with status 500 - Could not authenticate with UAA: Could not obtain access token: request to UAA at https://<host_name>:38032/uaa-security/oauth/token failed: self signed certificate (connecting to localhost:0)
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Klaus,
I saw the same issue while trying to login with xsa_admin user for the first time. All the browsers show the same error.
Checked with other colleagues, and got the solution for this. It worked for me, you can check your installation.
During the HXE installation process, it will ask for the local host name. And this host name should be the same with the one you used to login.
In my case, I installed HXE with short host name "xiyl50917298a", while login it using full name "xiyl50917298a.apj.global.***", then we saw the issue.
You should make sure both the host names are the same. Just for your information!
Regards,
Hubery
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Klaus,
Have you got chance to try the solution by clearing the cache?
Thanks!
Yiqing
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
did not work for me. Please see my comment of May 5th on Raghavis answer.
Could you try this?
Use different browsers for WebIDE and Cockpit. I suspect that navigating to WebIDE after signing in to Cockpit will attempt to log you in to WebIDE with XS_ADMIN, or, some session variables, local cookies are not being cleared properly.
Clear caches on both first - I've just tried this. When using the same browser, logging in to cockpit, and then trying to use WebIDE, I get the same behavior.
So, I use Chrome for WebIDE, and Safari for Cockpit..
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
86 | |
10 | |
10 | |
9 | |
6 | |
6 | |
6 | |
5 | |
4 | |
3 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.