[Freeipa-users] Re: smartcard auth + kerberos ticket?

hi, I can successfully login using a smartcard (fedora 29 client, centos 7 kdcs, latest patch level). However, when I try to access a kerberized service, I need to kinit first, because I don't have a ticket: $ klist klist: Credentials cache 'KCM:1006000001' not found I already have krb5-pkinit in de client and if I kinit -n I get a wellknown/anonymous ticket from the kdcs, but this is obviously not what I had in mind :-) Am I doing something wrong or is this to be expected?