Hi Greg,
Yup - Running 1.10+dfsg~beta1 - the default on my Ubuntu systems.
In retrospect I should have not just followed the pkinit setup
instructions blindly, running openssl commands without giving them some
thought. Without specifying days it will default to 30 days, and combined
with the
Hello,
Apperantly not all enctypes can function as master key, notably
aes256-cts:normal cannot.
aes256-cts can definitely be used for the master key, and has been the
default for the master key since 1.8. Something else is going on here.
Thanks Greg -- with the string you supplied it
On 10/12/2013 07:39 PM, Rick van Rein (OpenFortress) wrote:
* I seem to need to run kdb5_util create to construct a principal file with
a random pool, even when running on an LDAP backend
This should not be required. A principal file sounds like a DB2
database (since the DB2 KDB module uses