[29870] in Kerberos
problem in sending AS_REQ
daemon@ATHENA.MIT.EDU (naveen.bn)
Mon May 26 06:34:26 2008
Message-ID: <483ADF2B.9080907@globaledgesoft.com>
Date: Mon, 26 May 2008 16:02:51 +0000
From: "naveen.bn" <naveen.bn@globaledgesoft.com>
MIME-Version: 1.0
To: Kerberos@mit.edu
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
hi all,
This is my krb5.conf
********************* krb5.conf ******************************
[libdefaults]
default_realm = _kerberos._udp.globaledgesoft.com
krb4_config = /usr/kerberos/lib/krb.conf
krb5_realms = /usr/kerberos/lib/krb.realms
pkinit_anchors = FILE:/secure/ca-cert.pem
[realms]
_kerberos._udp.globaledgesoft.com = {
admin_server = 172.16.8.141
kdc = 172.16.8.141
v4_instance_convert = {
gesl = _kerberos._udp.globaledgesoft.com
lithium = lithium.lcs. _kerberos._udp.globaledgesoft.com
}
pkinit_identity = FILE:/secure/mycert.pem,/secure/mycert.key
}
ANDREW.CMU.EDU = {
admin_server = 172.16.8.141
}
# use "kdc =" if realm admins haven't put SRV records into DNS
GNU.ORG = {
kdc = 172.16.8.141
kdc = 172.16.9.141
admin_server = 172.16.8.141
}
[domain_realm]
.globaledgesoft.com = _kerberos._udp.globaledgesoft.com
globaledgesoft.com = _kerberos._udp.globaledgesoft.com
[logging]
# kdc = CONSOLE
kdc=FILE:/var/krb5kdc.log
admin_server = FILE:/var/log/kadmin.log
default = FILE:/var/log/krb5lib.log
***********************************************************************
and this is my kdc.conf
[kdcdefaults]
kdc_ports = 750,88
pkinit_identity=FILE:/secure/mycert.crt,/secure/mycert.key
pkinit_anchors=DIR:/secure/ca-cert.pem
[realms]
_kerberos._udp.globaledgesoft.com = {
database_name = /usr/local/var/krb5kdc/principal
admin_keytab = FILE:/usr/local/var/krb5kdc/kadm5.keytab
acl_file = /usr/local/var/krb5kdc/kadm5.acl
key_stash_file =
/usr/local/var/krb5kdc/.k5._kerberos._udp.globaledgesoft.com
kdc_ports = 750,88
max_life = 10h 0m 0s
max_renewable_life = 7d 0h 0m 0s
pkinit_identity=FILE:/secure/mycert.crt,/secure/mycert.key
pkinit_anchors=DIR:/secure/ca-cert.pem
}
***************************************** kdc.conf **********************
I have used openssl program to generate the mycert.pem and key , but i
have not signed it with any ( neither self nor with ca ).
kinit -X X509_user_identity=FILE:/secure/mycert.pem,/secure/mycert.key
naveen
kinit(v5): Unknown code u8JW 88 while setting
'X509_user_identity'='FILE:/secure/mycert.pem,/secure/mycert.key
i am not able to send AS_REQ with pa data filled with certificates .
I am stuck her, please help me .
thank you .
with regards
naveen
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
