Hi,
I am getting the error "KDC_NOT_TRUSTED" while trying to talk to the
Microsft KDC from a linux client using Heimdal's PKINIT.
In Heimdal's site http://home.zhwin.ch/~sri/kerberos_pkinit/ they have
addressed this problem in their FAQ section: <<<Why does the kinit
program abort with the error message: kinit: krb5_get_init_creds: KDC not
trusted, although the certificate of the KDC is valid? The certificate of the
KDC must contain its FQDN either in the subject or in the subject alternative
name>>>
How can I check whether the KDC's certificate's subject name or subject
alternative name contains FQDN? Where is the KDC's certificate lying? How
can I access/view it? Could there be any other possibility for this error?
Thanks and regards,
Anna.