I'm trying to set up a simple file directory share on my Apache, which is kerberized to handle KDC tickets.
I am getting these errors in my Apache error log when I try to access the shared files via the Chrome browser on my workstation:
[Fri Dec 08 16:59:50.390610 2017] [auth_kerb:debug] [pid 8140] src/mod_auth_kerb.c(1598): [client 192.168.2.136:58703] kerb_authenticate_user entered with user (NULL) and auth_type Kerberos
[Fri Dec 08 16:59:50.390657 2017] [auth_kerb:debug] [pid 8140] src/mod_auth_kerb.c(1230): [client 192.168.2.136:58703] Acquiring creds for HTTP/[email protected]
[Fri Dec 08 16:59:50.392259 2017] [auth_kerb:debug] [pid 8140] src/mod_auth_kerb.c(1352): [client 192.168.2.136:58703] Verifying client data using KRB5 GSS-API
[Fri Dec 08 16:59:50.392296 2017] [auth_kerb:debug] [pid 8140] src/mod_auth_kerb.c(1368): [client 192.168.2.136:58703] Client didn't delegate us their credential
[Fri Dec 08 16:59:50.392305 2017] [auth_kerb:debug] [pid 8140] src/mod_auth_kerb.c(1396): [client 192.168.2.136:58703] **Warning: received token seems to be NTLM, which isn't supported by the Kerberos module. Check your IE configuration.**
[Fri Dec 08 16:59:50.392312 2017] [auth_kerb:debug] [pid 8140] src/mod_auth_kerb.c(1091): [client 192.168.2.136:58703] GSS-API **major_status:00070000, minor_status:00000000**
[Fri Dec 08 16:59:50.392328 2017] [auth_kerb:error] [pid 8140] [client 192.168.2.136:58703] gss_accept_sec_context() failed: No credentials were supplied, or the credentials were unavailable or inaccessible (, Unknown error)
----------
I have a Windows 10 workstation that's on my corp AD; my Apache is on CentOS 7, httpd-2.4.10.
I created a service account for my Apache server using msktutil and copied the generated keytab over to the Apache server, in /etc/httpd/.
Testing done so far:

1. Test basic connection from the Apache server to the domain:

```
[root@web01 /etc/httpd]# kinit first.last
Password for [email protected]:
[root@web01 /etc/httpd]#
```

2. Check that the utility account called 'web01.httpd' was generated on AD (it's there), and also check it via klist:

```
[root@web01 /etc/httpd]# klist -kte /etc/httpd/httpd.keytab
Keytab name: FILE:/etc/httpd/httpd.keytab
KVNO Timestamp         Principal
---- ----------------- --------------------------------------------------------
   2 12/08/17 10:16:28 [email protected] (arcfour-hmac)
   2 12/08/17 10:16:28 [email protected] (aes128-cts-hmac-sha1-96)
   2 12/08/17 10:16:28 [email protected] (aes256-cts-hmac-sha1-96)
   2 12/08/17 10:16:28 HTTP/[email protected] (arcfour-hmac)
   2 12/08/17 10:16:28 HTTP/[email protected] (aes128-cts-hmac-sha1-96)
   2 12/08/17 10:16:28 HTTP/[email protected] (aes256-cts-hmac-sha1-96)
```

3. Check that kvno shows a number:

```
[root@web01 /etc/httpd]# kvno HTTP/web01.CORP.local
kvno HTTP/[email protected]
HTTP/[email protected]: kvno = 2
```
4. Checked my Apache config:

```
LoadModule auth_kerb_module /usr/lib64/httpd/modules/mod_auth_kerb.so

# The container directives (<VirtualHost>, <Directory>) were lost when the config was
# pasted; the ports and the directory path used below are assumed from the settings around them.
<VirtualHost *:80>
    ServerName webfiles
    ServerAlias webfiles.corp.local
    DocumentRoot /opt/webfiles
    LogLevel Debug
    RewriteEngine On
    RewriteCond %{HTTPS} off
    RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
</VirtualHost>

<VirtualHost *:443>
    ServerName webfiles
    ServerAlias webfiles.corp.local
    DocumentRoot /opt/webfiles
    LogLevel Debug
    ErrorLog /var/log/httpd/webfiles_error
    CustomLog /var/log/httpd/webfiles_access common
    SSLEngine On
    SSLCertificateKeyFile /etc/pki/tls/private/web01.CORP.local.pem
    SSLCertificateFile /etc/pki/tls/certs/web01.CORP.local.pem
    SSLCertificateChainFile /etc/pki/ca-trust/source/anchors/CORP_intermediate_ca.crt
    AuthzSendForbiddenOnFailure On

    <Directory /opt/webfiles>
        Options +Indexes
        AllowOverride None
        Order allow,deny
        Allow from all
        AuthName "kerb access"
        AuthType Kerberos
        KrbAuthRealms CORP.LOCAL
        KrbServiceName HTTP/[email protected]
        Krb5KeyTab /etc/httpd/httpd.keytab
        KrbMethodK5Passwd off
        KrbLocalUserMapping on
        KrbSaveCredentials on
        SSLRequireSSL
        #AuthGroupFile /etc/httpd/conf/httpd-access-groups
        Require valid-user
    </Directory>
</VirtualHost>
```
5. Checked /etc/krb5.conf for proper domain info; it looks good:

```
[libdefaults]
    default_realm = CORP.LOCAL
    dns_lookup_realm = true
    dns_lookup_kdc = true
    ticket_lifetime = 10h
    renew_lifetime = 7d
    forwardable = true
    kdc_timesync = true
    ccache_type = 4
    proxiable = true
    fcc-mit-ticketflags = true
    default_keytab_name = FILE:/etc/krb5.keytab
    verify_ap_req_nofail = true

[realms]
    CORP.LOCAL = {
        kdc = CORP.local
        admin_server = dom01.corp.local
    }

[domain_realm]
    CORP.local = CORP.LOCAL
    .CORP.local = CORP.LOCAL
    .dr.CORP.local = CORP.LOCAL
    .test.local = CORP.LOCAL
    .dmz.local = CORP.LOCAL
    .prod.local = CORP.LOCAL
```
I don't know where else to look. My workstation's Internet Options > Local Sites are configured to authenticate to my domains,
but I'm still getting the NTLM error message.
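The warning in the log says the token mod_auth_kerb received looked like NTLM rather than a Kerberos/SPNEGO token. One way to confirm that independently of the module is to capture the `Authorization: Negotiate` header the browser actually sends (from Chrome's DevTools network tab or a packet capture of the TLS-terminated request) and classify the token. The script below is an added example for that check; it is not part of the original question and not code from mod_auth_kerb. It tests for the `NTLMSSP\0` signature that every NTLMSSP message starts with, and otherwise parses the outer GSS-API InitialContextToken (RFC 2743 section 3.1) to read the mechanism OID. The three sample header values are constructed for the example, not captured from the poster's setup.

```python
import base64

# Mechanism OIDs that can appear at the head of a GSS-API InitialContextToken
SPNEGO_OID = "1.3.6.1.5.5.2"
KRB5_OID = "1.2.840.113554.1.2.2"
MS_KRB5_OID = "1.2.840.48018.1.2.2"   # Microsoft's legacy Kerberos mechanism OID
NTLM_SIGNATURE = b"NTLMSSP\x00"       # every NTLMSSP message starts with this


def der_length(buf, pos):
    """Decode a DER length field at buf[pos]; return (length, position after it)."""
    first = buf[pos]
    if first < 0x80:
        return first, pos + 1
    nbytes = first & 0x7F
    if nbytes == 0 or pos + 1 + nbytes > len(buf):
        raise ValueError("bad DER length")
    return int.from_bytes(buf[pos + 1:pos + 1 + nbytes], "big"), pos + 1 + nbytes


def decode_oid(raw):
    """Decode the content octets of a DER OBJECT IDENTIFIER to dotted form."""
    if not raw:
        raise ValueError("empty OID")
    arcs = [raw[0] // 40, raw[0] % 40]
    value = 0
    for b in raw[1:]:
        value = (value << 7) | (b & 0x7F)
        if not b & 0x80:          # high bit clear ends this arc
            arcs.append(value)
            value = 0
    if value:                     # last byte still had its continuation bit set
        raise ValueError("truncated OID")
    return ".".join(str(a) for a in arcs)


def classify_negotiate_token(header_value):
    """Classify the token in an 'Authorization: Negotiate <base64>' header value.

    Returns 'ntlm', 'spnego', 'kerberos', 'ms-kerberos' or 'unknown'.
    """
    scheme, _, b64 = header_value.strip().partition(" ")
    if scheme.lower() != "negotiate" or not b64:
        return "unknown"
    try:
        token = base64.b64decode(b64, validate=True)
    except ValueError:            # binascii.Error is a ValueError subclass
        return "unknown"
    # A browser that fell back to NTLM still sends it under the Negotiate scheme;
    # that is exactly the case mod_auth_kerb rejects with the "seems to be NTLM" warning.
    if token.startswith(NTLM_SIGNATURE):
        return "ntlm"
    # RFC 2743 3.1: InitialContextToken is [APPLICATION 0] { OID mech, inner token }
    if len(token) < 2 or token[0] != 0x60:
        return "unknown"
    try:
        _, pos = der_length(token, 1)
        if token[pos] != 0x06:    # OBJECT IDENTIFIER tag
            return "unknown"
        oid_len, pos = der_length(token, pos + 1)
        oid = decode_oid(token[pos:pos + oid_len])
    except (IndexError, ValueError):
        return "unknown"
    return {SPNEGO_OID: "spnego",
            KRB5_OID: "kerberos",
            MS_KRB5_OID: "ms-kerberos"}.get(oid, "unknown")


# Constructed sample header values (not captured from the original poster's setup).
# NTLM Type 1 (NEGOTIATE) message: signature, type=1, flags, empty domain/workstation fields.
NTLM_HEADER = "Negotiate " + base64.b64encode(
    NTLM_SIGNATURE + b"\x01\x00\x00\x00\x07\x82\x08\xa2" + b"\x00" * 22).decode()
# Minimal SPNEGO wrapper: [APPLICATION 0] { OID 1.3.6.1.5.5.2, empty NegTokenInit }.
SPNEGO_HEADER = "Negotiate " + base64.b64encode(
    b"\x60\x0a\x06\x06\x2b\x06\x01\x05\x05\x02\xa0\x00").decode()
# Raw Kerberos 5 mechanism token header followed by the AP-REQ token id (0x0100).
KRB5_HEADER = "Negotiate " + base64.b64encode(
    b"\x60\x0d\x06\x09\x2a\x86\x48\x86\xf7\x12\x01\x02\x02\x01\x00").decode()

if __name__ == "__main__":
    for name, hdr in (("NTLM", NTLM_HEADER), ("SPNEGO", SPNEGO_HEADER), ("KRB5", KRB5_HEADER)):
        print(f"{name:7s} {hdr[:32]}... -> {classify_negotiate_token(hdr)}")
```

In practice the first characters of the base64 are usually enough to tell the two apart by eye: an NTLM token begins with `TlRMTVNTUA` (the encoding of `NTLMSSP\0`), while a SPNEGO token from a Windows client, which is long enough to need a two-byte DER length, typically begins with `YII`. If the header shows NTLM, the browser never obtained a service ticket for the HTTP SPN, so the problem is on the client or SPN side rather than in the keytab the module is reading.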