[36198] in Kerberos
RE: Advice on cross-realm PKINIT?
daemon@ATHENA.MIT.EDU (Nordgren, Bryce L -FS)
Mon Jun 9 21:20:01 2014
From: "Nordgren, Bryce L -FS" <bnordgren@fs.fed.us>
To: "Nordgren, Bryce L -FS" <bnordgren@fs.fed.us>,
Greg Hudson
<ghudson@mit.edu>, "kerberos@mit.edu" <kerberos@mit.edu>
Date: Tue, 10 Jun 2014 01:16:53 +0000
Message-ID: <82E7C9A01FD0764CACDD35D10F5DFB6E6D4AFD@001FSN2MPN1-044.001f.mgd2.msft.net>
In-Reply-To: <82E7C9A01FD0764CACDD35D10F5DFB6E6D4A9B@001FSN2MPN1-044.001f.mgd2.msft.net>
Content-Language: en-US
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
> Does
> openssl not like slashes in environment variable expansions?
Further probing singles out the slash as the culprit. I tried again with principals test@EXAMPLE.COM and test_EXTERNAL.ORG@EXAMPLE.COM. Both worked fine via pkinit. Add the slash and there's a "Client name mismatch". My testing cannot point the finger at either openssl , kinit or the KDC.
Bryce
This electronic message contains information generated by the USDA solely for the intended recipients. Any unauthorized interception of this message or the use or disclosure of the information it contains may violate the law and subject the violator to civil or criminal penalties. If you believe you have received this message in error, please notify the sender and delete the email immediately.
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
