Hello Ville,
Could you please check which hashing algorithm was used to generate the signature of your
KDC certificate?
To do so, please run this command:
openssl x509 -in /var/kerberos/krb5kdc/kdc.crt -noout -text | grep -Fi 'Signature
Algorithm'
--
Julien Rische
Software Engineer
Red Hat