I have set up our systems to use X.509 certificates for SSO. The certificates are issued by our enterprise PKI. There is no SLS installed. I came across the Kerberos authentication setup videos and tried that on one system and it worked.
If I create the SNC pse with the same name as the SPN, would I be able to logon via x.509 certificate and Kerberos at the same time, depending on the SNC Name in SU01? Or do I have to decide for one or the other authentication process?
Regarding Web Access: I would have to maintain SPNEGO for Kerberos authentification and EXTID_DN for certificate based logon. Am I right?