Note: Because this file contains sensitive information, it must be handled with care. The file must not under any circumstances be readable by unauthorized users.
To list the contents of the keytab file, use the
klist command-line tool. It lists the principal name, crypto algorithm, and security credentials. The tool is included in the bundled JDK and is only available when installed on Windows:
> <installation dir>\jdk\jre\bin\klist.exe -k -t -e -K <keytab file>
To test the keytab file, use the
kinit command-line tool which is also included in the bundled JDK on Windows platforms:
> <installation dir>\jdk\jre\bin\kinit.exe -k -t <keytab file> HTTP/<fully qualified hostname>[:<port>]@<realm>
If the keytab file is correctly set up, a ticket cache file is created in the logged-in user's home directory. It can typically be found in the path
C:\Users\<user>\krb5cc_<user>.