Hi Devang,
The error:
ERROR:stir_shaken:add_identity_hf: Failed to convert from DER to internal format
may be a bit misleading as the private key and certificate must be
provided in PEM format to the stir_shaken_auth() function. The DER
format that the error refers to is used only internally, for an
intermediary step. On the other hand, you may get the same error if the
private key is not generated as an "prime256v1" EC key.
Regarding the e164_strict_mode module parameter, the orig/dest number
should still be in E.164 format, except the leading '+' sign, which is
not required when the parameter is turned off. The parameter is also
related to the type of URI required (tel URI / sip URI with the
"user=phone" parameter).
Regards,
Vlad
--
Vlad Patrascu
OpenSIPS Core Developer
http://www.opensips-solutions.com
On 17.11.2021 17:27, Devang Dhandhalya wrote:
hello all
Above E.164 Error still getting .Right now I'm getting the below error .
Can anyone tell me why I am getting this error ? as far as i know this
error for x5u parameter in stir_shaken_auth function , this issue coming
for certificate path or certificate file format .
I check the certificate file with .der and .cer format also .
Here is the code snippet used .
$var(rc_auth)=stir_shaken_auth("A", "GWID-123456","$var(cert)",
"$var(pkey)","http://localhost/certificate.pem
<http://localhost/certificate.pem>","$var(orig)","$var(dest)");
Below Error i am getting .
ERROR:stir_shaken:add_identity_hf: Failed to convert from DER to internal format
ERROR:stir_shaken:w_stir_auth: Failed to add Identity header
STIR_SHAKEN AUTHENTICATION SERVICE return code : -1
Kindly let me know if there is something wrong that I could be doing.
Many Thanks Devang Dhandhalya
On Wed, Nov 17, 2021 at 11:37 AM Devang Dhandhalya
<devang.dhandha...@ecosmob.com <mailto:devang.dhandha...@ecosmob.com>>
wrote:
Hi All
I configured the e164 strict mode module parameter as 0 (disabled)
. but still i am getting errors related to its e164 format .While
if orig/dest number is not in e164 format then also opensips have
to accept it but it is not accepting . I have a user like
extension123 for this function I have to perform authentication
service . if i have a user extension123 is it possible to perform
authenticate service for this kind of user ?
I think this is a bug for the e164 strict mode module parameter .
I am getting the below error .
opensips version : 3.2.2
ERROR :
ERROR:stir_shaken:check_passport_phonenum: number is not in E.164
format: extension123
ERROR:stir_shaken:w_stir_auth: failed to validate Originator
number (extension123)
loadmodule "stir_shaken.so"
modparam("stir_shaken", "auth_date_freshness", 300)
modparam("stir_shaken", "verify_date_freshness", 300)
modparam("stir_shaken", "require_date_hdr", 0)
modparam("stir_shaken", "e164_strict_mode", 0)
$var(orig) = $fU;
$var(dest) = $tU
$var(rc_auth)=stir_shaken_auth("A", "GWID-123456","$var(cert)",
"$var(pkey)","http://localhost/certificate.pem
<http://localhost/certificate.pem>","$var(orig)","$var(dest)");
Please suggest a solution to this .
Many Thanks
Devang
*Disclaimer*
In addition to generic Disclaimer which you have agreed on our
website, any views or opinions presented in this email are solely
those of the originator and do not necessarily represent those of the
Company or its sister concerns. Any liability (in negligence, contract
or otherwise) arising from any third party taking any action, or
refraining from taking any action on the basis of any of the
information contained in this email is hereby excluded.
*Confidentiality*
This communication (including any attachment/s) is intended only for
the use of the addressee(s) and contains information that is
PRIVILEGED AND CONFIDENTIAL. Unauthorized reading, dissemination,
distribution, or copying of this communication is prohibited. Please
inform originator if you have received it in error.
*Caution for viruses, malware etc.*
This communication, including any attachments, may not be free of
viruses, trojans, similar or new contaminants/malware, interceptions
or interference, and may not be compatible with your systems. You
shall carry out virus/malware scanning on your own before opening any
attachment to this e-mail. The sender of this e-mail and Company
including its sister concerns shall not be liable for any damage that
may incur to you as a result of viruses, incompleteness of this
message, a delay in receipt of this message or any other computer
problems.
_______________________________________________
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
_______________________________________________
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users