Clear as mud: PKINIT and -nokey principal addition (krb5-1.13)

Siddharth Mathur smathur at blackbuck.mobi
Mon Jan 5 13:39:05 EST 2015


>
> It might help to try deploying to a regular Unix client, to help
> distinguish between client-side issues with the iOS Kerberos
> implementation (which I'm not very familiar with) and server-side issues.

Thanks for debugging tips Greg, will try them out ASAP and report back.

Overall, does what I am trying sounds achievable? No passwords even at
the first login, and exclusive use of client certificates?

Thanks, and hope the new year goes well for you!
Siddharth


More information about the Kerberos mailing list