KB - Verify the Back-side Kerberos SSO Setup

Affects product

  • Airlock Gateway

Question or problem

Verify the Kerberos configuration on Airlock Gateway, the Active Directory domain controller and the back-end server with the test program.

Procedure-related prerequisites

  • You need to be logged in as root on the Airlock Gateway console.

Example values

  • Kerberos Environment: int.virtinc.com-ch
  • Kerberos user: test1@int.virtinc.com
  • SPN: http/webapp.int.virtinc.com
  • Internal URL: https://webapp.int.virtinc.com


  • Test execution and verification:
  • 1.
    Run the following commands:
  • copy
    airlock-test-kerberos -v -e int.virtinc.com-ch test1@int.virtinc.com HTTP/webapp.int.virtinc.comhttps://webapp.int.virtinc.com

    The test program stops in case of an errors occurs.

  • 2.
    Verify the following:
    • -
      When running airlock-test-kerberos with the internal URL, the HTTP response code is not 401.
    • -
      The test program runs through without any problems.
  • The verification steps from the above were successful.
  • In case of failure:
  • Analyze the output of the test program and verify the settings on all involved systems.