No principal in keytab

yuval yabadi at checkpoint.com
Thu Oct 30 10:47:34 EDT 2008


Hi 

 

I try to authenticate web server clients on Linux apache.

 

I have keytab from win2003 and kinit pass OK.

 

Klist show valid principal.

[Expert at fluid]# klist

Ticket cache: FILE:/tmp/krb5cc_0

Default principal:
HTTP/fluid.w2003ex.qa.checkpoint.com at W2003EX.QA.CHECKPOINT.COM

 

Valid starting     Expires            Service principal

10/30/08 14:50:28  10/31/08 00:50:46
krbtgt/W2003EX.QA.CHECKPOINT.COM at W2003EX.QA.CHECKPOINT.COM

        renew until 10/31/08 14:50:28

 

 

Kerberos 4 ticket cache: /tmp/tkt0

klist: You have no tickets cached

 

 

but I got gss error "No principal in keytab matches desired name"

 

 

debug:

[Thu Oct 30 16:14:15 2008] [debug] mod_auth_kerb.c(1182): [client
192.168.0.32] Acquiring creds for HTTP at fluid.w2003ex.qa.checkpoint.com

[Thu Oct 30 16:14:15 2008] [error] [client 192.168.0.32] gss_acquire_cred()
failed: Unspecified GSS failure.  Minor code may provide more information
(No principal in keytab matches desired name)

 

 

 

Is any one know how to debug this.

 

What went wrong?

 

Thanks

 

Yuval

 

 

 




More information about the Kerberos mailing list