[SR-Users] STIR/SHAKEN tests
Daniel-Constantin Mierla
miconda at gmail.com
Thu May 27 20:09:20 CEST 2021
Hello,
On 27.05.21 19:58, David Villasmil wrote:
> Hello guys,
>
> I want to test secsipid, but i don't yet have the certificate. So i
> thought i'd create a cert like:
>
> openssl req -new -newkey rsa:4096 -nodes -keyout snakeoil.key -out
> snakeoil.csr
> openssl x509 -req -sha256 -days 365 -in snakeoil.csr -signkey
> snakeoil.key -out snakeoil.pem
>
> Then i'm simply doing:
>
> $var(rc) = secsipid_add_identity("$fU", "$rU", "A", "",
> "https://somedomain.com/stir/$rd/cert.pem
> <https://kamailio.org/stir/$rd/cert.pem>", "/etc/kamailio/snakeoil.pem");
> if ( $var(rc) ) {
> xlog("L_ERR", "[STIR/SHAKEN][$ci] Shaken authentication added (SIP
> Identity Header created)\n");
> } else {
> xlog("L_ERR", "[STIR/SHAKEN][$ci] Failed\n");
> }
>
> But no matter what i do it silently fails:
>
> INVITE d54c2919-39b6-123a-95a7-0e29a5289b8d} <script>:
> [STIR/SHAKEN][d54c2919-39b6-123a-95a7-0e29a5289b8d] Failed
>
> I have debug on 6, but i don't get more info regarding the error.
>
> Any ideas?
based on the specs, it should not be the usual ssl/tls certificate, try
to generate them using the guidelines at:
* https://github.com/asipto/secsipidx#keys-generation
Cheers,
Daniel
--
Daniel-Constantin Mierla -- www.asipto.com
www.twitter.com/miconda -- www.linkedin.com/in/miconda
Kamailio Advanced Training - Online - June 7-10, 2021 (America Timezone)
* https://www.asipto.com/sw/kamailio-advanced-training-online/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.kamailio.org/pipermail/sr-users/attachments/20210527/12d56031/attachment.htm>
More information about the sr-users
mailing list