This discussion is archived
1 Reply Latest reply: Apr 25, 2013 4:21 AM by Weijun RSS

SSO not working: "Do not have keys of types listed in default_tkt_enctypes"

1002280 Newbie
Currently Being Moderated
Hi,

this drives me crazy! :-( Since one week I'm trying to get SSO work. I reinstall the whole Windows Server several times. I tried Windows Server 2008 R2 and Windows Server 2012. I installed them in a Virtual Box VM. I only installed Active Directoy (incl. DNS) and then I'm trying to get SSO work.

So I installed Openfire (3.7.x and also 3.8.x). I tried the included Java version of Openfire and also the latest version of Java.

I used this tutorial: http://community.igniterealtime.org/docs/DOC-1060
And also this one: http://community.igniterealtime.org/docs/DOC-1362

When I call: kinit xmpp/servername.mydomain@REALM -t -k xmpp.keytab I alway get the following error:

Exception: krb_error 0 Do not have keys of types listed in default_tkt_enctypes
available; only have keys of following type: No error
KrbException: Do not have keys of types listed in default_tkt_enctypes available
; only have keys of following type:
at sun.security.krb5.internal.crypto.EType.getDefaults(Unknown Source)
at sun.security.krb5.KrbAsReqBuilder.build(Unknown Source)
at sun.security.krb5.KrbAsReqBuilder.send(Unknown Source)
at sun.security.krb5.KrbAsReqBuilder.action(Unknown Source)
at sun.security.krb5.internal.tools.Kinit.<init>(Unknown Source)
at sun.security.krb5.internal.tools.Kinit.main(Unknown Source)

Why is no type listed in the error message?

If I open my xmpp.keytab with ktab it shows the xmpp principal, so the keytab file seems to be correct.

I don't know what to do know, because I can't find any solution for this error with Google, etc.

Best regards,
Sascha

Legend

  • Correct Answers - 10 points
  • Helpful Answers - 5 points