I've bumped into this a couple times recently so I'll add some troubleshooting information for anyone who arrives here via a search for the exception.
The machine must be able to resolve it's own hostname to the hostname that other machines will connect to. Verify the hosts file is setup correctly.
Verify the format of your jaas file
The principal needs to be to the fully qualified hostname
Make sure you can kinit with the contents of your jaas file
If possible you should try to do this with the local user zookeeper will be running as.
kinit -kt <keyTab value from jaas> <zookeeper/zookeeper.example.com@EXAMPLE.COM>
This should return successfully without prompting for a password.
Make sure your jaas file and keytab are readable by the zookeeper user
-r--r-----. 1 zookeeper zookeeper 4198 Feb 3 19:32 /etc/security/keytabs/zookeeper.keytab
If the permissions are not correct use this.
chmod 0440 /etc/security/keytabs/zookeeper.keytab
Verify you have the proper JCE policy files (Oracle JRE)
If you are using the Oracle JRE and strong encryption like aes256-cts-hmac-sha1-96 or aes128-cts-hmac-sha1-96, additional policy jars need to be installed. Download the JCE jars for Java 7 or Java 8