configure PKINIT on Linux got No realms configured correctly for pkinit support
Benjamin Kaduk
kaduk at MIT.EDU
Tue Jul 23 20:14:00 EDT 2013
On Tue, 23 Jul 2013, Vivian zhang wrote:
> HI,
>
> I am trying to get my Linux system to support PKINIT. I followed the instruction on MIT website to generate keys and certificate, etc. I have also installed plugin (Krb5-plugin-preauth-pkinit-1.10.2-3.16.1.i586).
>
> However, it didn't work. There are so little information online to see what it's wrong. Can anybody help? The error I got from KDC log is:
>
> (Error): preauth pkinit failed to initialize: No realms configured correctly for pkinit support
> (info): setting up network...
> (info): listening on fd 7: udp 0.0.0.0.88 (pktinfo)
> ..........
>
> Anybody has encounter this problem or knows what's going wrong?
You have seen
http://web.mit.edu/kerberos/krb5-latest/doc/admin/pkinit.html
?
Does your kdc.conf contain pkinit_identity, pkinit_anchors, and
kdc_tcp_ports options?
-Ben Kaduk
More information about the krbdev
mailing list