1 include @srcdirabs@/include-krb5.conf
4 default_keytab_name = @objdir@/server.keytab
6 kx509_store = PEM-FILE:/tmp/cert_%{euid}.pem
7 default_realm = TEST.H5L.SE
8 kuserok = SYSTEM-K5LOGIN:@srcdir@/../kdc/k5login
15 kdc = 127.0.0.1:@port@
16 auth_to_local_names = {
23 allow-anonymous = true
24 digests_allowed = chap-md5,digest-md5,ntlm-v1,ntlm-v1-session,ntlm-v2,ms-chap-v2
25 strict-nametypes = true
26 synthetic_clients = true
27 enable_gss_preauth = true
28 gss_mechanisms_allowed = sanon-x25519
30 pkinit_identity = FILE:@srcdir@/../../lib/hx509/data/kdc.crt,@srcdir@/../../lib/hx509/data/kdc.key
31 pkinit_anchors = FILE:@srcdir@/../../lib/hx509/data/ca.crt
32 pkinit_pool = FILE:@srcdir@/../../lib/hx509/data/sub-ca.crt
33 # pkinit_revoke = CRL:@srcdir@/../../lib/hx509/data/crl1.crl
34 pkinit_mappings_file = @srcdir@/pki-mapping
35 pkinit_allow_proxy_certificate = true
38 dbname = @objdir@/current-db
40 mkey_file = @objdir@/mkey.file
41 log_file = @objdir@/current.log
46 enable_virtual_hostbased_princs = true
47 virtual_hostbased_princ_mindots = 1
48 virtual_hostbased_princ_maxdots = 3
49 same_realm_aliases_are_soft = true
52 kdc = 0-/FILE:@objdir@/messages.log
53 default = 0-/FILE:@objdir@/messages.log
55 include @srcdirabs@/missing-krb5.conf