[SR-Users] STIR/SHAKEN
David Villasmil
david.villasmil.work at gmail.com
Tue Nov 2 23:22:22 CET 2021
Nevermind, i was using the private key instead of the public, so it all
looks good
Regards,
David Villasmil
email: david.villasmil.work at gmail.com
phone: +34669448337
On Tue, Nov 2, 2021 at 9:54 PM David Villasmil <
david.villasmil.work at gmail.com> wrote:
> Hello guys,
>
> I'm trying to test secsipid by creating an Identity header and trying to
> verify it with the cli utility, but it's failing:
>
> # secsipidx -sign-full -orig-tn 123456789 -dest-tn 123456789 -attest A
> -x5u https://pki.my.domain.com/stir-shaken-public-key.pem -k
> ec256-private.pem
>
>
> eyJhbGciOiJFUzI1NiIsInBwdCI6InNoYWtlbiIsInR5cCI6InBhc3Nwb3J0IiwieDV1IjoiaHR0cHM6Ly9wa2kudG5jcC50ZXh0bm93LmNvbS9zdGlyLXNoYWtlbi1wdWJsaWMta2V5LnBlbSJ9.eyJhdHRlc3QiOiJBIiwiZGVzdCI6eyJ0biI6WyIxMjM0NTY3ODkiXX0sImlhdCI6MTYzNTg4OTY3Miwib3JpZyI6eyJ0biI6IjEyMzQ1Njc4OSJ9LCJvcmlnaWQiOiJjNTE4MDI4Ny05NjJmLTRlMDItYTM1NS00YmMzY2JhYzMxNjgifQ.ei1nQY8c9EQzvuBP7pQSI03T2yIfsNg9blzSdufU7tQy0tLJwoqmM9sBAk_Uq9s2jycVxseonZ1yl1kGiSv_GA;info=<
> https://pki.my.domain.com/stir-shaken-public-key.pem>;alg=ES256;ppt=shaken
>
> root at sip-stir-term1:/home/admin# echo
> "eyJhbGciOiJFUzI1NiIsInBwdCI6InNoYWtlbiIsInR5cCI6InBhc3Nwb3J0IiwieDV1IjoiaHR0cHM6Ly9wa2kudG5jcC50ZXh0bm93LmNvbS9zdGlyLXNoYWtlbi1wdWJsaWMta2V5LnBlbSJ9.eyJhdHRlc3QiOiJBIiwiZGVzdCI6eyJ0biI6WyIxMjM0NTY3ODkiXX0sImlhdCI6MTYzNTg4OTY3Miwib3JpZyI6eyJ0biI6IjEyMzQ1Njc4OSJ9LCJvcmlnaWQiOiJjNTE4MDI4Ny05NjJmLTRlMDItYTM1NS00YmMzY2JhYzMxNjgifQ.ei1nQY8c9EQzvuBP7pQSI03T2yIfsNg9blzSdufU7tQy0tLJwoqmM9sBAk_Uq9s2jycVxseonZ1yl1kGiSv_GA;info=<
> https://pki.my.domain.com/stir-shaken-public-key.pem>;alg=ES256;ppt=shaken"
> > identity.txt
>
> root at sip-stir-term1:/home/admin# secsipidx -check -fidentity identity.txt
> -fpubkey /etc/kamailio/secsipid/ec256-private.pem -expire 3600
>
> error message: asn1: structure error: tags don't match (16 vs {class:0
> tag:2 length:1 isCompound:false}) {optional:false explicit:false
> application:false private:false defaultValue:<nil> tag:<nil> stringType:0
> timeType:0 set:false omitEmpty:false} tbsCertificate @2
> not-ok
>
> any ideas?
>
> Regards,
>
> David Villasmil
> email: david.villasmil.work at gmail.com
> phone: +34669448337
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.kamailio.org/pipermail/sr-users/attachments/20211102/2fedc240/attachment.htm>
More information about the sr-users
mailing list