[30390] in Kerberos
No principal in keytab
daemon@ATHENA.MIT.EDU (yuval)
Thu Oct 30 10:50:38 2008
From: "yuval" <yabadi@checkpoint.com>
To: <kerberos@mit.edu>
Date: Thu, 30 Oct 2008 16:47:34 +0200
Message-ID: <011d01c93a9e$723528a0$7b2e1dc2@ad.checkpoint.com>
MIME-Version: 1.0
Reply-To: yabadi@checkpoint.com
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
Hi
I try to authenticate web server clients on Linux apache.
I have keytab from win2003 and kinit pass OK.
Klist show valid principal.
[Expert@fluid]# klist
Ticket cache: FILE:/tmp/krb5cc_0
Default principal:
HTTP/fluid.w2003ex.qa.checkpoint.com@W2003EX.QA.CHECKPOINT.COM
Valid starting Expires Service principal
10/30/08 14:50:28 10/31/08 00:50:46
krbtgt/W2003EX.QA.CHECKPOINT.COM@W2003EX.QA.CHECKPOINT.COM
renew until 10/31/08 14:50:28
Kerberos 4 ticket cache: /tmp/tkt0
klist: You have no tickets cached
but I got gss error "No principal in keytab matches desired name"
debug:
[Thu Oct 30 16:14:15 2008] [debug] mod_auth_kerb.c(1182): [client
192.168.0.32] Acquiring creds for HTTP@fluid.w2003ex.qa.checkpoint.com
[Thu Oct 30 16:14:15 2008] [error] [client 192.168.0.32] gss_acquire_cred()
failed: Unspecified GSS failure. Minor code may provide more information
(No principal in keytab matches desired name)
Is any one know how to debug this.
What went wrong?
Thanks
Yuval
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
