David, are you on Centos 6.4?
Try setting your ciphers to one of the Mozilla recommendation [1], that way, you won't negiotating kerberos ciphers suites anymore. If that doesn't help, and you need chroot, then you will have to upgrade to at least Centos 6.5. Regards, Lukas [1] https://wiki.mozilla.org/Security/Server_Side_TLS
