Keytab Validation failing

I am trying to validate a keytab file. I am getting the following error message

kinit: Keytab contains no suitable keys for HTTP/HTTP/[email protected] while getting initial credentials

When enabled trace I got the following messages

#KRB5_TRACE=/dev/stdout kinit -k -t xxx.keytab HTTP/[email protected]Using default cache: /tmp/krb5cc_1001
Using principal: HTTP/[email protected]Using keytab: xxx.keytab
[20299] 1557905070.909564: Getting initial credentials for HTTP/[email protected][20299] 1557905070.909565: Looked up etypes in keytab: (empty)
[20299] 1557905070.909566: Getting initial credentials for HTTP/[email protected][20299] 1557905070.909567: Looked up etypes in keytab: (empty)
kinit: Keytab contains no suitable keys for HTTP/HTTP/[email protected] while getting initial credentials

Any idea why I am getting the etypes list as empty. I created the keytab file using -crypto ALL option.

Any help in this issue is highly appreciated

1 Answer

The problem was when I use ktpass command to create keytab file, the principal added inside was using the realm name in small letters HTTP/[email protected]. I rectified this issue by creating a keytab file on linux server using ktutil command and adding principal with realm name in capital letters typing it manually HTTP/[email protected] using addentry. It worked for me

Your Answer

Sign up or log in

Sign up using Google Sign up using Facebook Sign up using Email and Password

Post as a guest

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge that you have read and understand our privacy policy and code of conduct.

You Might Also Like