gss_acquire_cred() failed
Vlad
vladistan at gmail.com
Mon Jun 14 13:43:02 EDT 2010
Nicolas,
The reason you are getting this message is because the mod_auth_kerb
could not find the entry that matches your server name in the keytab,
you have to set it using KrbServiceName directive like this:
KrbServiceName HTTP/domain.. at DOMAIN.FR
Vlad
On Jun 14, 5:04 am, Nicolas Jaunet <nicolas.jau... at gmail.com> wrote:
> Hi !
>
> I installed mod_auth_kerb on my debian server and create a keytab to
> authenticate thanks to kerberos on a web site with apache tomcat.
> I created a user in my kdc.
> To check I did that :
>
> debian-server# klist -k krb5.keytab
> Keytab name: FILE:krb5.keytab
> KVNO Principal
> ----
> --------------------------------------------------------------------------
> 3 HTTP/domain... at DOMAIN.FR
>
> And the file /etc/apache2/kerberos.conf :
>
> AuthType Kerberos
> AuthName "Kerberos Login"
> KrbMethodNegotiate on
> KrbVerifyKDC off
> KrbMethodK5Passwd off
> KrbAuthRealms DOMAIN.FR
> Krb5KeyTab /etc/apache2/krb5.keytab
> require valid-user
>
> When I try to connect my web site withhttp://domain.fr
> I have a 500 Internal Server Error and the error.log file show me this error
> :
>
> gss_acquire_cred() failed: Unspecified GSS failure. Minor code may provide
> more information (No principal in keytab matches desired name)
>
> Someone can help me ?
> Thanks.
More information about the Kerberos
mailing list