AP - 2019-07-17

I am able to connect to the SQL Server using a user name and password from our application with Kerberos authentication, but our customer prefers to use a keytab file instead of passing the password over the network.

When I try to use a keytab I am facing the issues described below.

Our SQL server's SPN is:

MSSQLSvc/myhost:1433@MYDOMAIN.COM

I have created keytab file as:

ktpass -out "C:\Users\myuser\KerberosConf\MSSQL\myappserver.keytab" -princ MSSQLSvc/myhost:1433@MYDOMAIN.COM -mapUser mydomain\myuser -pass Test@123 -crypto AES256-SHA1 -pType KRB5_NT_PRINCIPAL

When viewing the keytab it shows the correct SPN as:

[1] Service principal: MSSQLSvc/myhost:1433@MYDOMAIN.COM KVNO: 18

But when referring to the keytab file for authentication, it throws the error below:

Debug is true storeKey true useTicketCache false useKeyTab true doNotPrompt true ticketCache is null isInitiator true KeyTab is C:/Users/myuser/KerberosConf/MSSQL/myappserver.keytab refreshKrb5Config is false principal is MSSQLSvc/myhost:1433@MYDOMAIN.COM tryFirstPass is false useFirstPass is false storePass is false clearPass is false
Key for the principal MSSQLSvc/myhost:1433@MYDOMAIN.COM not available in C:/Users/myuser/KerberosConf/MSSQL/myappserver.keytab

[Krb5LoginModule] authentication failed Unable to obtain password from user

javax.security.auth.login.LoginException: Unable to obtain password from user
at com.sun.security.auth.module.Krb5LoginModule.promptForPass(Unknown Source)
at com.sun.security.auth.module.Krb5LoginModule.attemptAuthentication(Unknown Source)
at com.sun.security.auth.module.Krb5LoginModule.login(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

The error message is "MSSQLSvc/myhost:1433@MYDOMAIN.COM not available in C:/Users/myuser/KerberosConf/MSSQL/myappserver.keytab", but it actually is available in the keytab. Can someone point out what's wrong here? Thank you!
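As an added example (not part of the question above and not the poster's code): a small Python parser for version 2 (`0x0502`) MIT-format keytab files that lists every entry's principal, name type, encryption type and kvno, and then checks the two things a Kerberos client needs before it can use an entry, an exact principal-name match (case, instance and realm included) and an encryption type the client is configured to accept. The keytab bytes it reads are constructed inside the script with filler key material (not real keys); the second principal, `HTTP/myappserver@MYDOMAIN.COM`, and the "allowed enctype" sets passed to `diagnose()` are assumptions chosen only to show what a mismatch looks like in each of the two checks.

```python
"""List and sanity-check MIT keytab (format version 2) entries.

Added example, not from the original post. SAMPLE_KEYTAB is constructed
below with build_keytab(); its key bytes are zero filler, not real keys.
"""
import struct

ENCTYPES = {
    1: "des-cbc-crc", 3: "des-cbc-md5", 16: "des3-cbc-sha1",
    17: "aes128-cts-hmac-sha1-96", 18: "aes256-cts-hmac-sha1-96",
    19: "aes128-cts-hmac-sha256-128", 20: "aes256-cts-hmac-sha384-192",
    23: "rc4-hmac",
}
NAME_TYPES = {1: "KRB5_NT_PRINCIPAL", 2: "KRB5_NT_SRV_INST", 3: "KRB5_NT_SRV_HST"}


def _counted(buf, pos):
    """Read a uint16-length-prefixed octet string starting at pos."""
    (n,) = struct.unpack_from(">H", buf, pos)
    return bytes(buf[pos + 2:pos + 2 + n]), pos + 2 + n


def parse_keytab(data):
    """Return one dict per live entry: principal, name_type, enctype, kvno, key."""
    if data[:2] != b"\x05\x02":
        raise ValueError("only keytab format version 2 (bytes 05 02) is handled here")
    entries, pos = [], 2
    while pos + 4 <= len(data):
        (size,) = struct.unpack_from(">i", data, pos)
        pos += 4
        if size <= 0:                      # negative size marks a deleted entry (a hole)
            pos += -size
            continue
        end = pos + size
        (ncomp,) = struct.unpack_from(">H", data, pos)
        pos += 2
        realm, pos = _counted(data, pos)   # realm is stored before the name components
        comps = []
        for _ in range(ncomp):
            comp, pos = _counted(data, pos)
            comps.append(comp.decode())
        name_type, _timestamp, vno8 = struct.unpack_from(">IIB", data, pos)
        pos += 9
        enctype, keylen = struct.unpack_from(">HH", data, pos)
        pos += 4
        key = bytes(data[pos:pos + keylen])
        pos += keylen
        kvno = vno8
        if end - pos >= 4:                 # optional 32-bit kvno; non-zero value wins over vno8
            (vno32,) = struct.unpack_from(">I", data, pos)
            if vno32:
                kvno = vno32
        pos = end
        entries.append({
            "principal": "/".join(comps) + "@" + realm.decode(),
            "name_type": NAME_TYPES.get(name_type, str(name_type)),
            "enctype": ENCTYPES.get(enctype, f"unknown({enctype})"),
            "kvno": kvno, "key": key,
        })
    return entries


def build_keytab(specs):
    """Serialise (principal, name_type, kvno, enctype, key) tuples as a v2 keytab."""
    out = bytearray(b"\x05\x02")
    for principal, name_type, kvno, enctype, key in specs:
        name, realm = principal.rsplit("@", 1)
        comps = name.split("/")
        body = struct.pack(">H", len(comps))
        for s in [realm] + comps:
            body += struct.pack(">H", len(s)) + s.encode()
        body += struct.pack(">IIBHH", name_type, 0, kvno & 0xFF, enctype, len(key)) + key
        body += struct.pack(">I", kvno)   # 32-bit kvno so values above 255 survive
        out += struct.pack(">i", len(body)) + body
    return bytes(out)


def diagnose(entries, principal, allowed_enctypes):
    """Say whether `principal` has a key the client could use: the name must match
    exactly and at least one of its keys must be in an enctype the client allows."""
    matching = [e for e in entries if e["principal"] == principal]
    if not matching:
        return "no-principal", f"no entry for {principal}; keytab holds {sorted({e['principal'] for e in entries})}"
    usable = [e for e in matching if e["enctype"] in allowed_enctypes]
    if not usable:
        have = sorted({e["enctype"] for e in matching})
        return "enctype-mismatch", f"{principal} present with {have}, client allows {sorted(allowed_enctypes)}"
    return "ok", f"{principal} usable at kvno {max(e['kvno'] for e in usable)}"


# Constructed sample: the poster's SPN with a zero-filled AES256 key at kvno 18, plus a
# hypothetical second principal with an RC4 key whose kvno exercises the 32-bit field.
SAMPLE_KEYTAB = build_keytab([
    ("MSSQLSvc/myhost:1433@MYDOMAIN.COM", 1, 18, 18, bytes(32)),
    ("HTTP/myappserver@MYDOMAIN.COM", 1, 300, 23, bytes(16)),
])

if __name__ == "__main__":
    entries = parse_keytab(SAMPLE_KEYTAB)
    for e in entries:
        print(f"{e['principal']}  {e['name_type']}  kvno={e['kvno']}  {e['enctype']}")
    print(diagnose(entries, "MSSQLSvc/myhost:1433@MYDOMAIN.COM", {"aes256-cts-hmac-sha1-96"}))
    print(diagnose(entries, "MSSQLSvc/myhost:1433@MYDOMAIN.COM", {"rc4-hmac"}))
    print(diagnose(entries, "mssqlsvc/myhost:1433@MYDOMAIN.COM", {"aes256-cts-hmac-sha1-96"}))
```

To run it against a real file, call `parse_keytab(open(path, "rb").read())` and compare the printed principal string character for character with the `principal` value in the JAAS configuration, and the printed enctype with the types the JVM's Kerberos configuration and crypto policy actually permit; `diagnose()` makes both comparisons explicit so a "not available" report can be narrowed down to one of them.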