Generate AS-REQ with RENEWABLE_OK flag?
Jeffrey Altman
jaltman at secure-endpoints.com
Thu Jul 12 14:26:55 EDT 2007
Henry B. Hotz wrote:
> On Jul 12, 2007, at 6:44 AM, Sam Hartman wrote:
>
>>>>>>> "Henry" == Henry B Hotz <hotz at jpl.nasa.gov> writes:
>> Henry> How do I generate a an AS_REQ with the RENEWABLE_OK flag
>> Henry> set?
>>
>> for a while now we've set that flag by default.
>
> That's not what wireshark says. I'll have to provide more info.
KDC_OPT_RENEWABLE_OK is the default value of [libdefaults]
"kdc_default_options". The flag is removed if the renew_till value is
non-zero or if KDC_OPT_RENEWABLE is set.
Jeffrey Altman
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3355 bytes
Desc: S/MIME Cryptographic Signature
Url : http://mailman.mit.edu/pipermail/krbdev/attachments/20070712/2105eda3/attachment.bin
More information about the krbdev
mailing list