[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

pkinit

To: heimdal-discuss@sics.se
Subject: pkinit
From: Lun <ylhuang@csie.nctu.edu.tw>
Date: Thu, 29 May 2003 11:09:25 +0800
Sender: owner-heimdal-discuss@sics.se
User-Agent: Mutt/1.5.4i

Hi, 

I am trying to use pkinit to get a ticket from heimdal KDC..

I use openssl to generate CA certificate and put it in /usr/local/ca/certs
I also generate KDC certificate and put it in /var/heimdal/certs
I configured /var/heimdal/kdc.conf and added
	enable-pkinit = yes
	pki-certificate = /var/heimdal/certs/kdc-cert.pem
	pki-private-key = /var/heimdal/certs/kdc-key.pem
	pki-ca-dir = /usr/local/ca/certs
	pki-allowed-principals = {
		ellen = ellen
	}

	where ellen is the user id in my system and in my user certificate.

However, when I performed 
	kinit -C user-cert.pem -K user-key.pem -D /usr/local/ca/certs
I got
	kinit: krb5_get_init_creds: Unsupported preauthentication type..

Did I miss anything in my configuration?
Could anyone kindly tell me the correct configuration on my heimdal KDC?

Thank you very much...

Best regards,
Ellen Huang
-- 
+-----------------------ylhuang@csie.nctu.edu.tw
| Don't walk in front of me, I may not follow, |
| Don't walk behind me, I may not lead,        |
| Just walk beside me, and be my friend.       |
Yu-Lun Huang (Lun)-----------------------------+

Follow-Ups:
- Re: pkinit
  - From: Daniel Kouril <kouril@ics.muni.cz>

Prev by Date: Re: couple socket-connection questions
Next by Date: Re: pkinit
Prev by thread: ok-as-delegate
Next by thread: Re: pkinit
Index(es):
- Date
- Thread