[19068] in Kerberos
"KDC_NOT_TRUSTED" error
daemon@ATHENA.MIT.EDU (Anna M)
Tue Apr 15 10:20:15 2003
Message-ID: <014601c30314$03298db0$5101a8c0@Mindteck.com>
From: "Anna M" <anna.mammen@mindteck.com>
To: <tulare@jeffnet.org>
Date: Tue, 15 Apr 2003 11:28:16 +0530
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
cc: kerberos@mit.edu
cc: samba@samba.org
cc: friebel@ifh.de
Errors-To: kerberos-bounces@mit.edu
Content-Transfer-Encoding: 8bit
Hi,
I am getting the error "KDC_NOT_TRUSTED" while trying to talk to the Microsft KDC from a linux client using Heimdal's PKINIT.
In Heimdal's site http://home.zhwin.ch/~sri/kerberos_pkinit/ they have addressed this problem in their FAQ section: <<<Why does the kinit program abort with the error message: kinit: krb5_get_init_creds: KDC not trusted, although the certificate of the KDC is valid? The certificate of the KDC must contain its FQDN either in the subject or in the subject alternative name>>>
How can I check whether the KDC's certificate's subject name or subject alternative name contains FQDN? Where is the KDC's certificate lying? How can I access/view it? Could there be any other possibility for this error?
Thanks and regards,
Anna.
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
