Troubleshooting
Problem
The Deployment manager is suddenly having trouble communicating with a node where application servers were created. Deployment Manager SystemOut.log file displays the following error message when clicking on the System administration/Nodes menu from the integrated solution console.
Symptom
The Nodes are out of synchronization and having communication problems with the Deployment Manager,JVM status are reporting incorrectly.
Cause
SECJ9314E: An unexpected exception occurred when trying to run initSecContext() method : GSSException: org.ietf.jgss.GSSException,
major code: 11, minor code: 0
major string: General failure, unspecified at GSSAPI level
minor string: Error: java.lang.Exception: Error: com.ibm.security.krb5.Asn1Exception, status code: 906
message: Unexpected ASN1 identifier
Resolving The Problem
NOTE: This solution only applies if you are NOT using Kerberos authentication. If you are using just SPNEGO SSO, Kerberos is not required and should not be enabled.
The technote can be read that "LTPA & Kerberos" makes syncNode fail. If you have configured SPNEGO, and come across this error, then look into removing Kerberos authentication if it is not need it You may have Kerberos authentication is accidentally enabled, and that is why syncNode might fail. -> Check Authentication mechanism and see if LTPA only is OK for the environment.
This problem arises if your active authentication mechanism is set to "Kerberos and LTPA" on your server. This should be set to "LTPA" only.
We can see this from the security.xml file as follow:
activeAuthMechanism="KRB5_1"
From your admin console, please navigate to Security > Global Security. In the "Authentication" box, change the setting from "Kerberos and LTPA" to just "LTPA". Save, synchronize the change and restart the (Deployment Manager) Dmgr and all of the nodes, application servers in the entire cell.
If issue persists, please consider creating a problem management record with IBM WebSphere software support for further investigation. You need to enable SPNEGO mustgather
Was this topic helpful?
Document Information
Modified date:
15 June 2018
UID
swg21646283