[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: PKINIT - kinit - "No usable pa data type", any ideas?

On 5/9/05, Eric Sylvain <esylvain@cedarpointcom.com> wrote:
> 17. Run kinit as user (i.e. Not root)
>      /usr/bin/kinit -C \
>        FILE:/usr/secure/client/clientcert.pem,/usr/secure/client/clientkey.pem
>      Enter your private key passphrase: <password>
> (QUESTION:Why do I get the following:
>            kinit: krb5_get_init_creds: No usable pa data type)

I came across this error at some point also - it be debugged in gdb
iirc, and most likely an openssl exception.
It might be due to you using the same certificate for server
authentication and client authentication.  You might not be able to do
that, as the x509 usage fields don't match the operation you're
attempting to performs (client auth is different than server auth).

hope this helps