Re: [OpenSIPS-Users] Stir Shaken Verification issue

2022-05-02 Thread Vlad Patrascu 

Hi Devang,

The URL in the info param has nothing to do with the verification itself.

I suspect you are somehow not using the proper certificate and/or CA, as 
the certificate generated by the script you mentioned should not be self 
signed, as the error indicates.


Regards,

--
Vlad Patrascu
OpenSIPS Core Developer
http://www.opensips-solutions.com

On 25.04.2022 15:47, Devang Dhandhalya via Users wrote:

Hello All
I am testing STIR/SHAKEN calls using two servers.
calls originating to the first server adding identity header and when 
sending calls to the second server for verification service at the 
time of verification service i am getting below error .
error :437 , Unsupported Credential , Verification Fails with Return 
code :-8 INFO:stir_shaken:verify_callback: certificate validation 
failed: self signed certificate INFO:stir_shaken:w_stir_verify: 
Invalid certificate
OpenSIPS Version : 3.2.2 I generate certificate using domain which 
mapped with those 2 server : 
https://github.com/OpenSIPIt/OpenSIPIt_00/blob/master/STIR_SHAKEN/Certgen/gencert.sh 

When the same server generates an identity header and verifies it at 
that time not getting an issue call is working fine but when the 
identity header generated by server 1 and going to verify it by server 
2 we get this above error.
Is it related to the URL which is in the info param ? When I open that 
URL in the browser I am able to see the certificate.

Please suggest a solution for this issue.
Regards
Devang Dhandhalya

*Disclaimer*
In addition to generic Disclaimer which you have agreed on our 
website, any views or opinions presented in this email are solely 
those of the originator and do not necessarily represent those of the 
Company or its sister concerns. Any liability (in negligence, contract 
or otherwise) arising from any third party taking any action, or 
refraining from taking any action on the basis of any of the 
information contained in this email is hereby excluded.


*Confidentiality*
This communication (including any attachment/s) is intended only for 
the use of the addressee(s) and contains information that is 
PRIVILEGED AND CONFIDENTIAL. Unauthorized reading, dissemination, 
distribution, or copying of this communication is prohibited. Please 
inform originator if you have received it in error.


*Caution for viruses, malware etc.*
This communication, including any attachments, may not be free of 
viruses, trojans, similar or new contaminants/malware, interceptions 
or interference, and may not be compatible with your systems. You 
shall carry out virus/malware scanning on your own before opening any 
attachment to this e-mail. The sender of this e-mail and Company 
including its sister concerns shall not be liable for any damage that 
may incur to you as a result of viruses, incompleteness of this 
message, a delay in receipt of this message or any other computer 
problems.


___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users

[OpenSIPS-Users] Stir Shaken Verification issue

2022-04-25 Thread Devang Dhandhalya via Users 
Hello All

I am testing STIR/SHAKEN calls using two servers.
calls originating to the first server adding identity header and when
sending calls to the second server for verification service at the time of
verification service i am getting below error .

error :437 , Unsupported Credential , Verification Fails with Return code
:-8 INFO:stir_shaken:verify_callback: certificate validation failed: self
signed certificate INFO:stir_shaken:w_stir_verify: Invalid certificate
OpenSIPS Version : 3.2.2 I generate certificate using domain which mapped
with those 2 server :
https://github.com/OpenSIPIt/OpenSIPIt_00/blob/master/STIR_SHAKEN/Certgen/gencert.sh
When the same server generates an identity header and verifies it at that
time not getting an issue call is working fine but when the identity header
generated by server 1 and going to verify it by server 2 we get this above
error.
Is it related to the URL which is in the info param ? When I open that URL
in the browser I am able to see the certificate.

Please suggest a solution for this issue.

Regards
Devang Dhandhalya

-- 
*Disclaimer*
In addition to generic Disclaimer which you have agreed on our 
website, any views or opinions presented in this email are solely those of 
the originator and do not necessarily represent those of the Company or its 
sister concerns. Any liability (in negligence, contract or otherwise) 
arising from any third party taking any action, or refraining from taking 
any action on the basis of any of the information contained in this email 
is hereby excluded.



*Confidentiality*
This communication (including any 
attachment/s) is intended only for the use of the addressee(s) and contains 
information that is PRIVILEGED AND CONFIDENTIAL. Unauthorized reading, 
dissemination, distribution, or copying of this communication is 
prohibited. Please inform originator if you have received it in error.


*Caution for viruses, malware etc.*
This communication, including any 
attachments, may not be free of viruses, trojans, similar or new 
contaminants/malware, interceptions or interference, and may not be 
compatible with your systems. You shall carry out virus/malware scanning on 
your own before opening any attachment to this e-mail. The sender of this 
e-mail and Company including its sister concerns shall not be liable for 
any damage that may incur to you as a result of viruses, incompleteness of 
this message, a delay in receipt of this message or any other computer 
problems. 
___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users