The administrator performed the planned promotion of the RSA Authentication Manager Appliance. After that, he could log on to Security Console using a fully qualified domain hostname in the URL. However, logging on to the Security console gives "Bad Request 400" when trying to use the friendly alias server name in the URL. In DNS, it appears there is an alias set to the Primary server hostname and somehow after the promotion, the Security Console page is not loaded fully. Login prompt does not appear. Error Bad Request 400
Edit /opt/rsa/am/utils/resources/ims.properties You will notice that the last line has an incorrect server name. The alias is pointing to the old server name due to this line.
The server properties file always gets refreshed whenever there is a need to update IMS_INSTANCE_NODE table and in this case, the table will be updated to reflect the change in the primary server. This issue will occur if the friendly alias name is pointed to a different system in the DNS. At this point, the same alias will be pointing to 2 different systems (old primary and promoted primary) since the java cache is not refreshed. So a reboot is required on all systems whenever you point the alias to a different server/node.
Reboot all the systems whenever you point the alias to a different server name in the DNS. A reboot will flush the java/WebLogic/OS cache.
The workaround is to edit the file /opt/rsa/am/utils/resources/ims.properties and correct the Primary server name and restart RSA services.