[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: pkinit_require_eku

Hello Alberto,

>    i have installed heimdal and i want to prove authentication by  
> certificates. But when i pass my certificate and private key to  
> kinit it gives me this message:

I forgot to add them to the program, just fixed that problem.

The configuration option needs to be in the client's krb5.conf

> And is it a necessary requirement to have eku field in the  
> certificates ?

Its required to have the PK-INIT EKU in the KDC's certificate by
the RFC specifying PK-INIT.