Author: Jonathan Haun

Jonathan is currently working as a Sr. Director at Enowa LLC. He has over 20 years of BI and IT experience. He currently focuses exclusively on Technology, Business Intelligence tools, technologies and EIM processes. He has help hundreds of companies implement BI tools and strategies over the past 10 years. With Decision First a Protiviti Enterprise he primarily works with the SAP Business Objects IDD and EIM tools. This includes experience with Data Integrator, Data Services, Universe Design, Web Intelligence, Crystal Reports, Xcelsius, Business Objects Enterprise, HANA, BOE architecture and server sizing. He is also a contributing author to the SAP Press book “Implementing SAP HANA” and the SAP Insider Book “SAP HANA HA and DR Essentials” The views and opinions on this blog are my own. They do not necessarily represent the views and opinions of Enowa or SAP.

SAP HANA XS Advanced – DNS Alias


This will be a short blog posting, but I have spent months if not years trying to figure out just how to get SAP HANA XS Advanced to support an environment with multiple DNS alias used for the host name or in various URLs.

The use of DNS alias is a common setup in many IT environment and even the cloud. For example, A SAP HANA system might have a particular internal FQDN and perhaps a few DNS Alias or even a public HOST name (IE.. AWS EC2)

The problem with SAP HANA XSA (routing_mode = ports) is that out of the box, it only supports the URL that you specified during XSA installation. If your clients are using a URL where the FQDN does not match, the XSA controler and UAA security server will deny access all day long. Error 500 or unavailable are common error messages when trying to logon to XSA apps.

Here is a way to solve this:

Assuming you have DNS configured properly, the solution is simple.

  1. Establish a default FQDN that works both inside and outside the organization. You can specify this during the install or in the xscontroler.ini -> communication api_url and default_domain setting.
  2. Make sure you can logon to the XSA apps before going further.
  3. If you have DNS CNAME alias, add them (comma separated) to the xsuaaserver.ini -> uaa.yml -> zones.internal.hostnames setting. The domain listed here will be accepted in the host header and allowed by the UAA server.

The UAA server, out of the box, will only accept request where the default xs controller FQDN matches. Use the zones.internal.hostnames to white-list additional DNS alias for the environment.