Implementing Websphere WAS 6.1 under Top Secret, getting error message SECJ6221E

Document ID : KB000054466
Last Modified Date : 14/02/2018
Show Technical Document Details

Question:

I have implemented the WAS support as indicated in the BBOWBTSS REXX made available by the Technical Document TEC440786 . When trying to get an application initiation, I receive the following error in the WAS server log:

BBOO0220E: SECJ6221E: A native credential for user "username"
cannot be recreated. The native service results related to
this failure are: WebSphere service=BBOSSNAP,
WebSphere returnCode=42, SAF service=, SAF returnCode=0,
SAF product returnCode=0, SAF product reasonCode=0.

The application does not start.

There are no violation messages registered with Top Secret. Also the TSSOERPT report does not show any specific errors connected to this.

What is wrong?

Answer:

In the above mentioned case, it was determined that the resource IBMFAC(BBO.) had erroenously not yet been owned and permitted. This command sequence had to be yet done:

TSS ADD(owneracid)  IBMFAC(BBO.)
TSS PER(WSCFGPRF) IBMFAC(BBO.TRUSTEDAPPS.T1WASC.BBOC001) ACCESS(READ) 

After these commands were done, and Websphere was refreshed, the error messages did not re-occur, and the application worked.