[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
pkinit module problems
Hi,
the situation is:
# /usr/bin/kinit -C
FILE:/etc/ssl/certs/pragai.pem,/etc/ssl/keys/pragai.key pragai
Enter your private key passphrase:
kinit: krb5_get_init_creds: No ENC-TS found
krb5.conf:
[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log
[libdefaults]
default_realm = RUBIN.HU
pkinit-openssl-engine =
ENGINE=dynamic,PRE=SO_PATH:/usr/local/lib/opensc/engine_pkcs11.so,PRE=ID:pkcs11,PRE=LIST_ADD:1,PRE=LOAD,PRE=MODULE_PATH:/usr/lib/soft-pkcs11.so
# The following libdefaults parameters are only for Heimdal Kerberos.
v4_instance_resolve = false
v4_name_convert = {
host = {
rcmd = host
ftp = ftp
}
plain = {
something = something-else
}
}
[realms]
RUBIN.HU = {
kdc = localhost
admin_server = localhost
win2k_pkinit = false
}
[domain_realm]
localhost = RUBIN.HU
localhost.localdomain = RUBIN.HU
[appdefaults]
pkinit-anchors = OPENSSL-ANCHOR-DIR:/etc/ssl/certs
win2k_pkinit = false
[kdc]
enable-pkinit = yes
win2k_pkinit = false
pki-identity = FILE:/etc/ssl/certs/kdc.pem,/etc/ssl/keys/kdc.key
pki-anchors = OPENSSL-ANCHOR-DIR:/etc/ssl/certs
maybe I miss something?
thanks,
Robert
Love Hörnquist Åstrand wrote:
> "Prágai, Róbert" <pragai@rubin.hu> writes:
>
>
>>Hi Geoff,
>>
>> sorry for this maybe offline question but which pkcs11 module do you
>>use for pkinit? I've tried the soft-pkcs11 module without luck, lately.
>
>
> What problems are you having with the module ?
>
> Love
>
>
>
>