Hi all, Excuse me, for perhaps posting a Noob question, But learning curve is steep, and have no access to the server, to check what's going on there.
I'm trying a kinit, based on the credentials on my organisation's smartcard. (with name & PWD, I did managed to get a ticket) If I do the kinit in debug mode, the last lines are: ... [2676] 1518080701.322521: Preauth module pkinit (17) (real) returned: -1765328314/unable to get local issuer certificate [2676] 1518080701.322581: Retrying AS request with master KDC [2676] 1518080701.322598: Getting initial credentials for u00m...@mod.nl<mailto:u00m...@mod.nl> [2676] 1518080701.322720: Sending request (154 bytes) to MOD.NL (master) kinit: Can't verify certificate while getting initial credentials Am I correct, in assuming that at the side of the KDC the problem lies; that the KDC is unable to retrieve the (sub-)CA's for validating my certificate? Kind regards, Hans Dit bericht kan informatie bevatten die niet voor u is bestemd. Indien u niet de geadresseerde bent of dit bericht abusievelijk aan u is toegezonden, wordt u verzocht dat aan de afzender te melden en het bericht te verwijderen. De Staat aanvaardt geen aansprakelijkheid voor schade, van welke aard ook, die verband houdt met risico's verbonden aan het elektronisch verzenden van berichten. This message may contain information that is not intended for you. If you are not the addressee or if this message was sent to you by mistake, you are requested to inform the sender and delete the message. The State accepts no liability for damage of any kind resulting from the risks inherent in the electronic transmission of messages. ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos
