Use only anonymous PKINIT to fetch armor ccache
Since the anonymous principal can only use PKINIT to fetch credential
cache it makes no sense to try and use its kerberos key to establish
We should also be able to use custom PKINIT anchor for the armoring.
Reviewed-By: Alexander Bokovoy <firstname.lastname@example.org>
Reviewed-By: Jan Cholasta <email@example.com>
Reviewed-By: Martin Basti <firstname.lastname@example.org>
Reviewed-By: Simo Sorce <email@example.com>