[Samba] "KDC_NOT_TRUSTED" error

Anna M anna.mammen at mindteck.com
Tue Apr 15 05:58:16 GMT 2003


I am getting the error "KDC_NOT_TRUSTED" while trying to talk to the Microsft KDC from a linux client using Heimdal's PKINIT. 
In Heimdal's site http://home.zhwin.ch/~sri/kerberos_pkinit/ they have addressed this problem in their FAQ section: <<<Why does the kinit program abort with the error message: kinit: krb5_get_init_creds: KDC not trusted, although the certificate of the KDC is valid? The certificate of the KDC must contain its FQDN either in the subject or in the subject alternative name>>>
How can I check whether the KDC's certificate's subject name or subject alternative name contains FQDN? Where is the KDC's certificate lying? How can I access/view it? Could there be any other possibility for this error?

Thanks and regards,

More information about the samba mailing list