principal's key obtained from the keytab
principal is ....
EncryptionKey: keyType=3 ....
Added servers ....
The Sasl client got an initial response which I suppose is the AP-REQ
But when evaluating it at the server side with evaluateResponse();
An exception is thrown GSS initate failed [Caused by GSSException: DerInputStream.getLength(): lengthTag=111, too big.]
Both client and server are in the same realm.
The keytab is generated with ktpass -crypto des-cbc-md5 +DesOnly -ptype KRB5_NT_PRINCIPAL