[SR-Users] STIR/SHAKEN public key
Ben Kaufman
bkaufman at nexvortex.com
Thu Nov 4 19:33:47 CET 2021
Not sure if it was clarified or not, but it should be an https URL from where your certificate can be downloaded, not the actual certificate itself.
Ben Kaufman
From: sr-users <sr-users-bounces at lists.kamailio.org> On Behalf Of David Villasmil
Sent: Thursday, November 4, 2021 12:00 PM
To: Kamailio (SER) - Users Mailing List <sr-users at lists.kamailio.org>
Subject: Re: [SR-Users] STIR/SHAKEN public key
Thanks Oleg, i misunderstood all that.
Regards,
David Villasmil
email: david.villasmil.work at gmail.com<mailto:david.villasmil.work at gmail.com>
phone: +34669448337
On Thu, Nov 4, 2021 at 4:58 PM Oleg Belousov <obelousov at gmail.com<mailto:obelousov at gmail.com>> wrote:
Hi.
It should be certificate issued by CA certified by the Shaken Policy Administrator (iConnective in US)..
--
obelousov.tel<https://nam11.safelinks.protection.outlook.com/?url=http%3A%2F%2Fobelousov.tel%2F&data=04%7C01%7Cbkaufman%40nexvortex.com%7Cc7a43b3de31c404450cc08d99fb4ef2f%7Cafc1818e7b6848568913201b9396c4fc%7C1%7C0%7C637716421732872628%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=tGrsS8EC2s%2BbcpseVdLDm0Z7NHSeIrklPzzAJC3TskE%3D&reserved=0>
On Thu, Nov 4, 2021 at 5:39 PM David Villasmil <david.villasmil.work at gmail.com<mailto:david.villasmil.work at gmail.com>> wrote:
Hello guys,
I'm testing with 2 providers right now, and one of them is asking me to include my whole certificate on the
secsipid_add_identity(origTN, destTN, attest, origID, x5u, keyPath)
like:
secsipid_add_identity("$fU", "$rU", "A", "", "https://kamailio.org/stir/$rd/cert.pem<https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fkamailio.org%2Fstir%2F%24rd%2Fcert.pem&data=04%7C01%7Cbkaufman%40nexvortex.com%7Cc7a43b3de31c404450cc08d99fb4ef2f%7Cafc1818e7b6848568913201b9396c4fc%7C1%7C0%7C637716421732872628%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=9hcmnq0bD4n89HczPIHjyb54ZDdi8RBfwP%2FqyjoQuas%3D&reserved=0>", "/secsipid/$rd/key.pem");
but it is stated that:
x5u is the HTTP URL referencing to the public key that should be used to verify the signature;
One provider is asking to put the cert there, the other hasn't asked that yet.
So i'm a little confused, should the x5u be the actual cert (with its intermediary?) or only the public key?
Regards,
David Villasmil
email: david.villasmil.work at gmail.com<mailto:david.villasmil.work at gmail.com>
phone: +34669448337
__________________________________________________________
Kamailio - Users Mailing List - Non Commercial Discussions
* sr-users at lists.kamailio.org<mailto:sr-users at lists.kamailio.org>
Important: keep the mailing list in the recipients, do not reply only to the sender!
Edit mailing list options or unsubscribe:
* https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users<https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.kamailio.org%2Fcgi-bin%2Fmailman%2Flistinfo%2Fsr-users&data=04%7C01%7Cbkaufman%40nexvortex.com%7Cc7a43b3de31c404450cc08d99fb4ef2f%7Cafc1818e7b6848568913201b9396c4fc%7C1%7C0%7C637716421732882586%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=uRjM0WyJo9gGwBRdIWdceKbmlet40rpx1ack%2BYuglz4%3D&reserved=0>
__________________________________________________________
Kamailio - Users Mailing List - Non Commercial Discussions
* sr-users at lists.kamailio.org<mailto:sr-users at lists.kamailio.org>
Important: keep the mailing list in the recipients, do not reply only to the sender!
Edit mailing list options or unsubscribe:
* https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users<https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.kamailio.org%2Fcgi-bin%2Fmailman%2Flistinfo%2Fsr-users&data=04%7C01%7Cbkaufman%40nexvortex.com%7Cc7a43b3de31c404450cc08d99fb4ef2f%7Cafc1818e7b6848568913201b9396c4fc%7C1%7C0%7C637716421732892544%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=o4mIwPXxb6Vp%2BTbDXcV7DBkC1TCIq%2BjaTPk6T1ZYvck%3D&reserved=0>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.kamailio.org/pipermail/sr-users/attachments/20211104/c3146ee9/attachment.htm>
More information about the sr-users
mailing list