"Client not trusted" performing PKINIT

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view

"Client not trusted" performing PKINIT

Geoffrey Elgey-2

I'm trying to use Heimdal PKINIT to authenticate to a Windows 2003
server. I can perform password-based pkinit for the CA, the
administrator, and a user account.However, when I export the certificate
and private key for any of these accounts from Windows and use them in a
Heimdal PKINIT operation, I get back the following error:

   "kinit: krb5_get_init_creds: Client not trusted"

I suspect that this is a Windows error (and if it is, then any
suggestions to overcome it would be appreciated), but maybe it's a
certificate path error on the client side.

Has anyone come across this before?

-- Geoff