Correct.
That’s a log with debug 3, absolutely nothing is coming out. :(
On Thu, 27 May 2021 at 20:54, Daniel-Constantin Mierla
<miconda(a)gmail.com <mailto:miconda@gmail.com>> wrote:
Same logs like with before with previous certificate? Can you
attach log messages with debug=3?
Cheers,
Daniel
On 27.05.21 20:13, David Villasmil wrote:
Yep i just tried that :)
I don't get an error on the CLI:
# secsipidx -sign-full -orig-tn 493044448888 -dest-tn
493055559999 -attest A -x5u
http://asipto.lab/stir/cert.pem
<http://asipto.lab/stir/cert.pem> -k ec256-private.pem
eyJhbGciOiJFUzI1NiIsInBwdCI6InNoYWtlbiIsInR5cCI6InBhc3Nwb3J0IiwieDV1IjoiaHR0cDovL2FzaXB0by5sYWIvc3Rpci9jZXJ0LnBlbSJ9.eyJhdHRlc3QiOiJBIiwiZGVzdCI6eyJ0biI6WyI0OTMwNTU1NTk5OTkiXX0sImlhdCI6MTYyMjEzOTE1Nywib3JpZyI6eyJ0biI6IjQ5MzA0NDQ0ODg4OCJ9LCJvcmlnaWQiOiIxOWE5OWY2ZS1mZWE5LTQyYmEtYmU2ZC1lNDZkNjZkMGIzNjcifQ.64Z_uNPA5frA20nqurHxOD8qLtuvcGeMxmx0ZhBmSWFoeEU53nHSmEWOsAJC5eiJLuIWfVI9HFhJIKyK6PMrcA;info=<http://asipto.lab/stir/cert.pem
<http://asipto.lab/stir/cert.pem>>;alg=ES256;ppt=shaken
But still failing in kamailio...
Regards,
David Villasmil
email: david.villasmil.work(a)gmail.com
<mailto:david.villasmil.work@gmail.com>
phone: +34669448337
On Thu, May 27, 2021 at 7:09 PM Daniel-Constantin Mierla
<miconda(a)gmail.com <mailto:miconda@gmail.com>> wrote:
Hello,
On 27.05.21 19:58, David Villasmil wrote:
Hello guys,
I want to test secsipid, but i don't yet have the
certificate. So i thought i'd create a cert like:
openssl req -new -newkey rsa:4096 -nodes -keyout
snakeoil.key -out snakeoil.csr
openssl x509 -req -sha256 -days 365 -in snakeoil.csr
-signkey snakeoil.key -out snakeoil.pem
Then i'm simply doing:
$var(rc) = secsipid_add_identity("$fU", "$rU", "A",
"",
"https://somedomain.com/stir/$rd/cert.pem
<https://kamailio.org/stir/$rd/cert.pem>",
"/etc/kamailio/snakeoil.pem");
if ( $var(rc) ) {
xlog("L_ERR", "[STIR/SHAKEN][$ci] Shaken authentication
added (SIP Identity Header created)\n");
} else {
xlog("L_ERR", "[STIR/SHAKEN][$ci] Failed\n");
}
But no matter what i do it silently fails:
INVITE d54c2919-39b6-123a-95a7-0e29a5289b8d} <script>:
[STIR/SHAKEN][d54c2919-39b6-123a-95a7-0e29a5289b8d] Failed
I have debug on 6, but i don't get more info regarding the
error.
Any ideas?
based on the specs, it should not be the usual ssl/tls
certificate, try to generate them using the guidelines at:
*
https://github.com/asipto/secsipidx#keys-generation
<https://github.com/asipto/secsipidx#keys-generation>
Cheers,
Daniel
--
Daniel-Constantin Mierla --
www.asipto.com <http://www.asipto.com>
www.twitter.com/miconda <http://www.twitter.com/miconda> --
www.linkedin.com/in/miconda <http://www.linkedin.com/in/miconda>
Kamailio Advanced Training - Online - June 7-10, 2021 (America Timezone)
*
https://www.asipto.com/sw/kamailio-advanced-training-online/
<https://www.asipto.com/sw/kamailio-advanced-training-online/>
<http://www.linkedin.com/in/miconda>
Kamailio Advanced Training - Online - June 7-10, 2021 (America Timezone)
*
<https://www.asipto.com/sw/kamailio-advanced-training-online/>
--
Regards,
David Villasmil
email: david.villasmil.work(a)gmail.com
<mailto:david.villasmil.work@gmail.com>
phone: +34669448337