diff --git a/tests/docker-kerberos/krb5.conf b/tests/docker-kerberos/krb5.conf
index 5bb7f811..d46f1b83 100644
--- a/tests/docker-kerberos/krb5.conf
+++ b/tests/docker-kerberos/krb5.conf
@@ -16,7 +16,9 @@
 
 [realms]
 KERBEROS.TEST = {
- kdc = kerberos.test
+ kdc = https://kerberos.test/kerberos
+ http_anchors = FILE:/etc/ca.pem
+# kdc = kerberos.test
  admin_server = kerberos.test
  auto_to_local = DEFAULT
 }
diff --git a/tests/docker-kerberos/ocserv.conf b/tests/docker-kerberos/ocserv.conf
index 272eb1d5..9984163a 100644
--- a/tests/docker-kerberos/ocserv.conf
+++ b/tests/docker-kerberos/ocserv.conf
@@ -284,11 +284,7 @@ route = fd91:6d87:7341:db6a::/64
 # post using MS-KKDCP, and the message will be forwarded to the provided
 # KDC server. That is a translation URL between HTTP and Kerberos.
 # This option is available if ocserv is compiled with GSSAPI support. 
-#kkdcp = /kerberos udp@127.0.0.1:88 application/kerberos
-kkdcp = /kerberos NONEXISTING.COM tcp@10.100.1.1:88
-kkdcp = /kerberos OTHER.TEST tcp@10.100.2.1:88
 kkdcp = /kerberos KERBEROS.TEST tcp@127.0.0.1:88
-kkdcp = /kerberos KERBEROS.LONGER.TEST tcp@10.100.3.1:88
 
 #
 # The following options are for (experimental) AnyConnect client