From miconda@gmail.com Thu May 27 21:54:25 2021 From: Daniel-Constantin Mierla To: sr-users@lists.kamailio.org Subject: Re: [SR-Users] STIR/SHAKEN tests Date: Thu, 27 May 2021 21:54:19 +0200 Message-ID: <0867e95c-fba4-2c20-9efd-286acd02e5c7@gmail.com> In-Reply-To: MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============0584675308==" --===============0584675308== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Same logs like with before with previous certificate? Can you attach log messages with debug=3D3? Cheers, Daniel On 27.05.21 20:13, David Villasmil wrote: > Yep i just tried that :) > > I don't get an error on the CLI: > > # secsipidx -sign-full -orig-tn 493044448888 -dest-tn 493055559999 > -attest A -x5u http://asipto.lab/stir/cert.pem > -k ec256-private.pem > eyJhbGciOiJFUzI1NiIsInBwdCI6InNoYWtlbiIsInR5cCI6InBhc3Nwb3J0IiwieDV1IjoiaHR= 0cDovL2FzaXB0by5sYWIvc3Rpci9jZXJ0LnBlbSJ9.eyJhdHRlc3QiOiJBIiwiZGVzdCI6eyJ0biI= 6WyI0OTMwNTU1NTk5OTkiXX0sImlhdCI6MTYyMjEzOTE1Nywib3JpZyI6eyJ0biI6IjQ5MzA0NDQ0= ODg4OCJ9LCJvcmlnaWQiOiIxOWE5OWY2ZS1mZWE5LTQyYmEtYmU2ZC1lNDZkNjZkMGIzNjcifQ.64= Z_uNPA5frA20nqurHxOD8qLtuvcGeMxmx0ZhBmSWFoeEU53nHSmEWOsAJC5eiJLuIWfVI9HFhJIKy= K6PMrcA;info=3D >;alg=3DES256;ppt=3Dshaken > > But still failing in kamailio... > > Regards, > > David Villasmil > email: david.villasmil.work(a)gmail.com > > phone: +34669448337 > > > On Thu, May 27, 2021 at 7:09 PM Daniel-Constantin Mierla > > wrote: > > Hello, > > On 27.05.21 19:58, David Villasmil wrote: >> Hello guys, >> >> I want to test secsipid, but i don't yet have the certificate. So >> i thought i'd create a cert like: >> >> openssl req -new -newkey rsa:4096 -nodes -keyout snakeoil.key >> -out snakeoil.csr >> openssl x509 -req -sha256 -days 365 -in snakeoil.csr -signkey >> snakeoil.key -out snakeoil.pem >> >> Then i'm simply doing: >> >> $var(rc) =3D secsipid_add_identity("$fU", "$rU", "A", "", >> "https://somedomain.com/stir/$rd/cert.pem >> ", >> "/etc/kamailio/snakeoil.pem"); >> if ( $var(rc) ) { >> =C2=A0 =C2=A0 xlog("L_ERR", "[STIR/SHAKEN][$ci] Shaken authentication = added >> (SIP Identity Header created)\n"); >> } else { >> =C2=A0 =C2=A0 xlog("L_ERR", "[STIR/SHAKEN][$ci] Failed\n"); >> } >> >> But no matter what i do it silently fails: >> >> INVITE d54c2919-39b6-123a-95a7-0e29a5289b8d}