Hi Jonas, I got as far as creating the smoke test films collection, but when I run the curl command I get: GSSException: Failure unspecified at GSS-API level (Mechanism level: Invalid argument (400) - Cannot find key of appropriate type to decrypt AP REP - AES256 CTS mode with HMAC SHA1-96)
From the solr server log this seems to be during SPNEGO of authenticating the client. The rest of my kerberised cluster seems fine, and I've made sure the JCE 8 extensions are installed: [root@master solr]# ls -lrt /usr/java/default/jre/lib/security/
total 164
-rw-rw-r-- 1 root root 3023 Dec 20 2013 US_export_policy.jar
-rw-rw-r-- 1 root root 3035 Dec 20 2013 local_policy.jar
and also made sure solr is using that java by setting SOLR_JAVA_HOME in solr.in.sh. I'm logged in as the following solr principal. [root@master solr]# klist -e
Ticket cache: FILE:/tmp/krb5cc_0
Default principal: solr/master.sandbox.lbg.com@LBG.COM
Valid starting Expires Service principal
06/21/16 23:07:24 06/22/16 23:07:24 krbtgt/LBG.COM@LBG.COM
renew until 06/21/16 23:07:24, Etype (skey, tkt): aes256-cts-hmac-sha1-96, aes256-cts-hmac-sha1-96
06/21/16 23:07:27 06/22/16 23:07:24 HTTP/master.sandbox.lbg.com@LBG.COM
renew until 06/21/16 23:07:24, Etype (skey, tkt): aes256-cts-hmac-sha1-96, aes256-cts-hmac-sha1-96
I'm a little perplexed as the error suggests the extensions aren't installed, but i can't really see how they're not. Have you got any ideas? Cheers, Tom
... View more
