1 include @srcdirabs@/include-krb5.conf
4 default_keytab_name = @objdir@/server.keytab
6 kx509_store = PEM-FILE:/tmp/cert_%{euid}.pem
7 default_realm = TEST.H5L.SE
8 kuserok = SYSTEM-K5LOGIN:@srcdir@/../kdc/k5login
14 kdc = localhost:@port@
15 auth_to_local_names = {
22 allow-anonymous = true
23 digests_allowed = chap-md5,digest-md5,ntlm-v1,ntlm-v1-session,ntlm-v2,ms-chap-v2
24 strict-nametypes = true
25 synthetic_clients = true
26 enable_gss_preauth = true
27 gss_mechanisms_allowed = sanon-x25519
29 pkinit_identity = FILE:@srcdir@/../../lib/hx509/data/kdc.crt,@srcdir@/../../lib/hx509/data/kdc.key
30 pkinit_anchors = FILE:@srcdir@/../../lib/hx509/data/ca.crt
31 pkinit_pool = FILE:@srcdir@/../../lib/hx509/data/sub-ca.crt
32 # pkinit_revoke = CRL:@srcdir@/../../lib/hx509/data/crl1.crl
33 pkinit_mappings_file = @srcdir@/pki-mapping
34 pkinit_allow_proxy_certificate = true
37 dbname = @objdir@/current-db
39 mkey_file = @objdir@/mkey.file
40 log_file = @objdir@/current.log
45 enable_virtual_hostbased_princs = true
46 virtual_hostbased_princ_mindots = 1
47 virtual_hostbased_princ_maxdots = 3
48 same_realm_aliases_are_soft = true
51 kdc = 0-/FILE:@objdir@/messages.log
52 default = 0-/FILE:@objdir@/messages.log
54 include @srcdirabs@/missing-krb5.conf