Hi



I try to authenticate web server clients on Linux apache.



I have keytab from win2003 and kinit pass OK.



Klist show valid principal.

[Expert@fluid]# klist

Ticket cache: FILE:/tmp/krb5cc_0

Default principal:
HTTP/fluid.w2003ex.qa.checkpoint.com@W2003EX.QA.CHECKPO INT.COM



Valid starting Expires Service principal

10/30/08 14:50:28 10/31/08 00:50:46
krbtgt/W2003EX.QA.CHECKPOINT.COM@W2003EX.QA.CHECKPOINT.CO M

renew until 10/31/08 14:50:28





Kerberos 4 ticket cache: /tmp/tkt0

klist: You have no tickets cached





but I got gss error "No principal in keytab matches desired name"





debug:

[Thu Oct 30 16:14:15 2008] [debug] mod_auth_kerb.c(1182): [client
192.168.0.32] Acquiring creds for HTTP@fluid.w2003ex.qa.checkpoint.com

[Thu Oct 30 16:14:15 2008] [error] [client 192.168.0.32] gss_acquire_cred()
failed: Unspecified GSS failure. Minor code may provide more information
(No principal in keytab matches desired name)







Is any one know how to debug this.



What went wrong?



Thanks



Yuval