Hi All,
1. What apis in MIT Kerberos lib are called when the pkinit is successful.
Shouldkrb5_get_init_creds_password be called in case of pkinit ?
2. What does PADATA UNKNOWN 149 means ? (I am getting that in AS REQ and
PRE-AUTH REQUIRED packets)
Arpit
Thanks Greg..I figured out the problem.
I was not calling gss_acquire_cred beforr calling gss_init_sec_context. As
client cred, I was simply passing NO CREDENTIALS.
So, it is important to call acquire_cred api for client credential handle and
then use that in context establishment.
Arpit
Original message
From: arpit.orb arpit@gmail.com
Date:
To: krbdev-requ...@mit.edu
Subject: Krb5 library not able to resolve KDC hostname
Hi All,
My KDC server is localkdc.com with local IP 192.168.1.40. I am facing following
problem:
Without VPN:
Hostname
Hi,
I am using Kerberos over internet by assigning a public IP to KDC. However, I
have following doubts:
1. Why is it that Kerberos is not deployed as preferred authentication
mechanism over internet ? I understand that some reasons are vulnerability if
KDC over port 88, address in tickets