[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: PKINIT - hash for CA key


On Monday 21 October 2002 20:13, STEWARD, Curtis (Jamestown) wrote:
> [...]
> Thanks, that worked, but it still errors against the KDC.
> I'm assuming the CA Cert(s) are all that is necessary to hash?
The root ca certificate as well as the intermediate 
ca certificates.

> [...]
> kinit: krb5_get_init_creds: KDC not trusted
> [...]
> pkinit_server = keith.jms.domain.com:88
The subject (or the subject alternative name) of 
the server certificate must contain the DNS name
of the KDC (keith.jms.domain.com).


Content Security by MailMarshal