Release : 10.5
Component : CA Application Test
As suggested set the following values for "network.negotiate-auth.trusted-uris" in the Firefox browser:
Basically we should specify a comma-delimited list of trusted domain(s) and/or hostname(s) and/or URL prefix(es) in the popup window.
Please note that domains can wild carded by specifying a domain suffix with a dot in front (i.e .example.com).
Example #1: hostname.example.com - Fully Qualified Domain Name (FQDN) of the host running web application(IAM/Keycloak).
Example #2: https://hostname.example.com - URL of the web application application(IAM/Keycloak)
Example #3: .example.com - domain name
Also, make sure that you have the following configured in your Firefox browser for the Kerberos to work:
network.negotiate-auth.allow-non-fqdn = false
network.negotiate-auth.allow-proxies = true
network.negotiate-auth.delegation-uris = Include the local intranet domain name, such as .your-domain.com, where the leading period represents a wildcard character
network.negotiate-auth.using-native-gsslib = true
Please refer to the Auto login section in the docops.ca.com for configuring Kerberos: