WNA Error - Found unsupported keytype (18) for HTTP/<host1.domain1>@<domain1>
(Doc ID 2119015.1)
Last updated on AUGUST 01, 2023
Applies to:
Oracle Access Manager - Version 11.1.2.3.4 and later
Oracle WebLogic Server - Version 10.3.6 to 10.3.6
Information in this document applies to any platform.
Symptoms
WNA is not working. Enabling additional debug output by adding -Dsun.security.krb5.debug=true -Dsun.security.spnego.debug=true to the Java properties shows the following errors:
Java config name: <path_to_directory>/krb5.conf
Loaded from Java config
Added key: 17version: 8
Found unsupported keytype (18) for HTTP/<host1.domain1>@<domain1> <<<<<==== error
Added key: 23version: 8
Added key: 3version: 8
Added key: 1version: 8
Ordering keys wrt default_tkt_enctypes list
Using builtin default etypes for default_tkt_enctypes
default etypes for default_tkt_enctypes: 17 16 23 1 3. <<<<<==== These are the ticket encryption types: 17 (aes), 16 (des) and 23 (rc4-hmac). 18 is not in the Kerberos default etypes list, which is the cause of the error "Found unsupported keytype (18)".
>>> KdcAccessibility: reset
Added key: 17version: 8
Found unsupported keytype (18) for HTTP/<host1.domain1>@<domain1> <<<<<==== error
Added key: 23version: 8
Added key: 3version: 8
Added key: 1version: 8
Ordering keys wrt default_tkt_enctypes list
Using builtin default etypes for default_tkt_enctypes
default etypes for default_tkt_enctypes: 17 16 23 1 3.
Using builtin default etypes for default_tkt_enctypes
default etypes for default_tkt_enctypes: 17 16 23 1 3.
>>> KrbAsReq creating message
>>> KrbKdcReq send: kdc=xxxxx TCP:<port1>, timeout=3000, number of retries =3, #bytes=173
>>> KDCCommunication: kdc=xxxxx TCP:<port1>, timeout=3000,Attempt =1, #bytes=173
>>>DEBUG: TCPClient reading 270 bytes
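To triage a trace like the one above, the following added example (not part of the Oracle document or of any Oracle tooling) parses the krb5 debug lines and reports, per principal, the rejected key types that are missing from the etype list in use. The function names are hypothetical and the sample trace is constructed, with a placeholder principal and realm.

```python
import re

# Constructed sample: lines in the format of the debug trace shown above
# (principal and realm are placeholders, not values from a real system).
SAMPLE_TRACE = """\
Added key: 17version: 8
Found unsupported keytype (18) for HTTP/host1.example.test@EXAMPLE.TEST
Added key: 23version: 8
Added key: 3version: 8
Added key: 1version: 8
Ordering keys wrt default_tkt_enctypes list
Using builtin default etypes for default_tkt_enctypes
default etypes for default_tkt_enctypes: 17 16 23 1 3.
>>> KdcAccessibility: reset
Added key: 17version: 8
Found unsupported keytype (18) for HTTP/host1.example.test@EXAMPLE.TEST
"""

ADDED = re.compile(r"Added key: (\d+)\s*version: (\d+)")
UNSUPPORTED = re.compile(r"Found unsupported keytype \((\d+)\) for (\S+)")
DEFAULTS = re.compile(r"default etypes for (\w+): ([\d ]+)")


def summarize_trace(text):
    """Collect key types loaded, key types rejected, and the etype list in use."""
    loaded, rejected, defaults = set(), {}, {}
    for line in text.splitlines():
        if m := ADDED.search(line):
            loaded.add(int(m.group(1)))
        elif m := UNSUPPORTED.search(line):
            # Keyed by principal so several service principals stay separate.
            rejected.setdefault(m.group(2), set()).add(int(m.group(1)))
        elif m := DEFAULTS.search(line):
            defaults[m.group(1)] = [int(n) for n in m.group(2).split()]
    return {"loaded": loaded, "rejected": rejected, "defaults": defaults}


def rejected_outside_defaults(summary, setting="default_tkt_enctypes"):
    """Per principal, rejected key types that are absent from the etype list."""
    allowed = set(summary["defaults"].get(setting, []))
    return {p: sorted(t - allowed) for p, t in summary["rejected"].items()}


if __name__ == "__main__":
    s = summarize_trace(SAMPLE_TRACE)
    print("loaded:", sorted(s["loaded"]))
    print("rejected, not in defaults:", rejected_outside_defaults(s))
```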
Note:
Changes
Cause