Alias host name redirect to consoles is not working after upgrade to RSA Authentication Manager 8.3 patch 1

3 years ago

Originally Published: 2018-07-10

Article Number

000042158

Applies To

RSA Product Set: SecurID
RSA Product/Service Type: Authentication Manager
RSA Version/Condition: 8.3

Issue

Unable to access the consoles using alias names after upgrading RSA to Authentication Manager 8.3 patch 1. For example,

Authentication Manager 8.3 is deployed with a FQDN of am3-vcloud.local and configured an alias name through the hosts file with short version am83.
When trying to access the consoles use the URL of https://am83/sc and it automatically is redirected to the FQDN of am83-vcloud.local.

This works on Authentication Manager 8.3 prior to patch 1. After an upgrade to 8.3 patch 1, the following error appears in the browser:

invalid request

Resolution

To resolve this issue, you must add the alias name in the trusted host white list using the command below.

Open an SSH session to the primary.
Navigate to /opt/rsa/am/utils

login as: rsaadmin
Using keyboard-interactive authentication.
Password: <enter operating system password>
Last login: Wed Jun 20 05:24:51 2018 from jumphost.vcloud.local
RSA Authentication Manager Installation Directory: /opt/rsa/am
rsaadmin@am83p:~> cd /opt/rsa/am/utils

Run the following command to add the alias name new configuration for the first time

./rsautil store -a add_config ims.trustedhost.whitelist.custom "AliasNameOfPrimary,AliasNameOfReplica" GLOBAL STRING

If values already exist, use update_config instead of add_config, as shown:

./rsautil store -a update_config ims.trustedhost.whitelist.custom "AliasNameOfPrimary,AliasNameOfReplica" GLOBAL STRING

To have the change tale effect, restart the services on the primary server

cd /opt/rsa/am/server
./rsaserv restart all

Now access the console again with the alias name.

Don't see what you're looking for?

Related Articles

Trending Articles