Kerberos authentication error in cache.log on Squid server

I configured Kerberos authentication for a Squid proxy server on Ubuntu in an Active Directory domain. During my tests I got the following error in the cache.log:

ERROR: Negotiate Authentication validating user. Result: {result=BH, notes={message: gss_acquire_cred() failed: Unspecified GSS failure.  Minor code may provide more information. No key table entry found matching HTTP/squid@; }}

The reason for this error was a wrong entry in the hosts (/etc/hosts) file on the Ubuntu server. The entry for the server was missing the domain part. So the file contained

192.168.1.40 squid

instead of

192.168.1.250 squid.contoso.com

I added the domain part to the entry and restarted the server. After the reboot the error disappeared in the cache.log.

Leave a Reply

Your email address will not be published. Required fields are marked *