directory-kerby mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Yu Wei <yu20...@hotmail.com>
Subject Re: Failed to setup kerberos with Apache DS
Date Tue, 17 Jan 2017 09:19:07 GMT
I used openjdk-1.8.0 and installed jce.

[dcos@mesos-ds security]$ pwd
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.111-2.b15.el7_3.x86_64/jre/lib/security
[dcos@mesos-ds security]$ ls -al
total 64
drwxr-xr-x. 2 root root  4096 1月  17 17:00 .
drwxr-xr-x. 9 root root  4096 12月 21 13:55 ..
-rw-r--r--. 1 root root  1273 11月 22 04:46 blacklisted.certs
lrwxrwxrwx. 1 root root    41 12月 21 13:55 cacerts -> ../../../../../../../etc/pki/java/cacerts
-rw-r--r--. 1 root root  2466 11月 22 04:46 java.policy
-rw-r--r--. 1 root root 26712 1月   1 2014 java.security
-rw-rw-r--. 1 root root  3035 12月 21 2013 local_policy.jar
-rw-r--r--. 1 root root   556 1月   1 2014 local_policy.jar.bak
-rw-r--r--. 1 root root   141 11月 22 04:54 nss.cfg
-rw-rw-r--. 1 root root  3023 12月 21 2013 US_export_policy.jar
-rw-r--r--. 1 root root   538 1月   1 2014 US_export_policy.jar.bak


Then I still got the same error when running the test.


Do I need to reinstall LDAP/Kerberos server? Or other advice?


Thanks,

Jared

________________________________
From: Emmanuel Lécharny <elecharny@gmail.com>
Sent: Tuesday, January 17, 2017 4:30:36 PM
To: kerby@directory.apache.org
Subject: Re: Failed to setup kerberos with Apache DS



Le 17/01/2017 à 09:13, Yu Wei a écrit :
> KrbException: Identifier doesn't match expected value (906)

Most certainly teh cipher in use is not accepted, or not supported. It
may depend on teh JVM you are using, or you also have to install teh JCE
extension, thatbrings AES 256, which is not installed inathe default JDK.

--
Emmanuel Lecharny

Symas.com
directory.apache.org

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message