Failed to verify CMS message: bad signature
jarek
jarek at poczta.srv.pl
Wed Feb 26 09:26:26 EST 2020
Hello!
I've tried to migrate KDC (Debian 7) to new hardware with
Debian 9.
We are using KDC with pkinit and smartcards.
After fresh installation, I have copied /etc/krb5.conf,
/etc/krb5.keytab, /etc/krb5kdc and /var/lib/krb5kdc.
All certificates are in /etc/krb5kdc.
The new machine has the same name as old, only IP is different.
kadmin lists all pricinpals, kdc and admin server are working.
kinit from remote machine fails, on KDC in authlog we have
message:
PREAUTH_FAILED: Failed to verify CMS message: bad signature
What can be wrong ?
Best regards
Jarek
More information about the Kerberos
mailing list