Kerberos for Leopard
For the avoidance of doubt, install Mac OSX Kerberos Extras—some say this is changed for Leopard (OS X 10.5) others hint that it's just as the same as it was for 10.4.
Add X509 Anchors to Keychain Access (found in /Applications/Utilities/). (It was there by default in 10.4, but it appears not in Leopard. Select Add Keychain from the File menu. In the file selection dialog, navigate to /System/Library/Keychains. You should find X509 Anchors there.
Install the University Certificate in X509 Anchors— drag-and-drop.
For me Keberos works for IMAP access to staffmail.inf.ed.ac.uk, but not to mail.inf.ed.ac.uk, nor for SMTP access to either.
Here's what support have to say:
I've run this past a few people who might know and the consensus is that Apple may have broken something. There's a strange looking message in one of the log files - Token header is malformed or corrupt
This is probably not the whole story, as staffmail does work with Leopard's Kerberos. Time to switch to staffmail...
1 comment:
Same for me - and it doesn't work for wiki.inf, also, which is annoying (the kx509 app which did the trick on tiger no longer appears to do the job).
The only way I can access wiki.inf on leopard, so far as I can tell, is to use firefox and to obtain a certificate via the system/authportal web service.
- steve
Post a Comment