Kerberos AuthScheme fails to initialize after upgrading to 12.9 Siteminder release

Article ID: 405415

Updated On:

Products

SITEMINDER

Issue/Introduction

After upgrading SiteMinder from release 12.8.x to 12.9, the following two issues are observed:

1) The Policy Server fails to initialize the Kerberos authentication scheme:

   [LogMessage:ERROR:[sm-Server-02960] Failed to initialize authentication scheme 'kerberos_default']

2) On the Access Gateway agent side, an HTTP 500 error is observed when accessing a resource protected by the Kerberos authentication scheme.

Environment

SiteMinder 12.9 Policy Server and Access Gateway

Cause

This occurs because the Kerberos library in 12.9 is compiled without support for the KEYRING Kerberos credential cache type, whereas the library in the previous 12.8.x release was compiled with it.

When default_ccache_name in the [libdefaults] section of krb5.conf is set to a value like "KEYRING:persistent:%{uid}", the SiteMinder Access Gateway fails and returns an HTTP 500 error when the cred.kcc URL is initially accessed, and on the Policy Server side the authentication scheme fails to initialize.
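To check whether a host carries the setting described above, the following script is an added example, not Broadcom-supplied code; the function names are hypothetical and the sample krb5.conf content is constructed. It reads only the [libdefaults] section of the file it is given and does not follow include or includedir directives.

```shell
#!/bin/sh
# Added example: find default_ccache_name under [libdefaults] in a krb5.conf
# and flag values that use the KEYRING credential cache type.

# Print every default_ccache_name value found under [libdefaults], one per line.
# Comment lines (# or ;) and settings in other sections are ignored.
libdefaults_ccache_names() {
    awk '
        /^[ \t]*[#;]/ { next }                       # skip comment lines
        /^[ \t]*\[/ {                                # section header
            sec = $0
            sub(/^[ \t]*\[[ \t]*/, "", sec)
            sub(/[ \t]*\].*$/, "", sec)
            in_lib = (sec == "libdefaults")
            next
        }
        in_lib && /^[ \t]*default_ccache_name[ \t]*=/ {
            val = $0
            sub(/^[^=]*=[ \t]*/, "", val)            # drop "key ="
            sub(/[ \t\r]+$/, "", val)                # trailing whitespace / CR
            gsub(/^"|"$/, "", val)                   # optional surrounding quotes
            print val
        }
    ' "$1"
}

# Exit status 0 if any [libdefaults] value uses the KEYRING type, 1 otherwise.
uses_keyring_ccache() {
    libdefaults_ccache_names "$1" | grep -q '^KEYRING:'
}

# Constructed sample input mirroring the value quoted in this article.
sample=$(mktemp)
printf '%s\n' \
    '# constructed sample krb5.conf' \
    '[libdefaults]' \
    '    default_realm = EXAMPLE.COM' \
    '    default_ccache_name = KEYRING:persistent:%{uid}' \
    '[realms]' > "$sample"

if uses_keyring_ccache "$sample"; then
    echo "KEYRING ccache configured: $(libdefaults_ccache_names "$sample")"
else
    echo "No KEYRING ccache in [libdefaults]"
fi
rm -f "$sample"
```

To check a real host, call `uses_keyring_ccache` with the path of the krb5.conf that the Policy Server or Access Gateway actually loads.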

Resolution

To address the issue, open a case with Broadcom Support to obtain the updated Kerberos library files that are compiled with support for the KEYRING Kerberos credential cache type.