I'm new to SharePoint and in the process of setting up SharePoint Server Subscription Edition on-prem.
The issue I am having is related to Kerberos authentication for multiple SharePoint sites hosted on the same server, and configuring SPNs.
I set up a Central Administration site when first installing SharePoint, with Kerberos as the authentication protocol. In order to make this work, I had to configure an SPN linked to the Farm Administrator account in the format "http/serverFQDN"
However, now I want to create a SharePoint site for my users which also uses Kerberos authentication.
If I have two different sites hosted on the same SharePoint server (the Central Administration site and the site for users to access), how can I configure different service accounts for each site, with both of them using Kerberos authentication? When I try to set SPN for one account "http/serverFQDN" , it works, but if I try to set the SPN for the second account - also "http/serverFQDN", it says "a duplicate SPN has been found - aborting operation".
So I can't set both service accounts to use the hostname of the server for its SPN, because this will not be a unique SPN. Does anyone know how I can make this work?