[squid-users] enctype aes256-cts found in keytab but cannot decrypt ticket

ivc chgaki chgakiivc at gmail.com
Wed Apr 24 05:31:01 UTC 2024


 hello. i hve Samba DC and squid. i created user, then SPN, and then
exported keytab and imported him to squid. im using kerberos negotiate
helper but when i try go to internet i have popup window with
login/password and in cace.log log error


2024/04/21 21:41:58 kid1| ERROR: Negotiate Authentication validating user.
Result: {result=BH, notes={message: gss_accept_sec_context() failed:
Unspecified GSS failure.  Minor code may provide more information. Request
ticket server HTTP/srv-proxy.mydomain.com at MYADOMAIN.COM kvno 2 enctype
aes256-cts found in keytab but cannot decrypt ticket; }}


why this happen? i can see using klist that in keytab aes256 on place, but
why squid cant decrypt?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20240424/18b52ff7/attachment.htm>


More information about the squid-users mailing list