This will be a short blog posting, but I have spent months if not years trying to figure out just how to get SAP HANA XS Advanced to support an environment with multiple DNS alias used for the host name or in various URLs.
The use of DNS alias is a common setup in many IT environment and even the cloud. For example, A SAP HANA system might have a particular internal FQDN and perhaps a few DNS Alias or even a public HOST name (IE.. AWS EC2)
The problem with SAP HANA XSA (routing_mode = ports) is that out of the box, it only supports the URL that you specified during XSA installation. If your clients are using a URL where the FQDN does not match, the XSA controler and UAA security server will deny access all day long. Error 500 or unavailable are common error messages when trying to logon to XSA apps.
Here is a way to solve this:
Assuming you have DNS configured properly, the solution is simple.
- Establish a default FQDN that works both inside and outside the organization. You can specify this during the install or in the xscontroler.ini -> communication api_url and default_domain setting.
- Make sure you can logon to the XSA apps before going further.
- If you have DNS CNAME alias, add them (comma separated) to the xsuaaserver.ini -> uaa.yml -> zones.internal.hostnames setting. The domain listed here will be accepted in the host header and allowed by the UAA server.
The UAA server, out of the box, will only accept request where the default xs controller FQDN matches. Use the zones.internal.hostnames to white-list additional DNS alias for the environment.