<html>

  <head>

    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">

  </head>

  <body>

    <p>Hi Devang,</p>

    <p>The URL in the info param has nothing to do with the verification

      itself.</p>

    <p>I suspect you are somehow not using the proper certificate and/or

      CA, as the certificate generated by the script you mentioned

      should not be self signed, as the error indicates.</p>

    <p>Regards,<br>

    </p>

    <pre class="moz-signature" cols="72">-- 

Vlad Patrascu

OpenSIPS Core Developer

<a class="moz-txt-link-freetext" href="http://www.opensips-solutions.com">http://www.opensips-solutions.com</a></pre>

    <div class="moz-cite-prefix">On 25.04.2022 15:47, Devang Dhandhalya

      via Users wrote:<br>

    </div>

    <blockquote type="cite"

cite="mid:CAP0uOe_4K4THhMukUWcHSD6i9cTgHk8EGVd+R5Rf3Gu6ZAJhXg@mail.gmail.com">

      <meta http-equiv="content-type" content="text/html; charset=UTF-8">

      <div dir="ltr">Hello All

        <div><span style="background-color:rgba(32,33,36,0.04);color:rgb(32,33,36);font-family:Roboto,sans-serif;font-size:14px;white-space:pre-wrap">

</span></div>

        <div><span style="background-color:rgba(32,33,36,0.04);color:rgb(32,33,36);font-family:Roboto,sans-serif;font-size:14px;white-space:pre-wrap">I am testing STIR/SHAKEN calls using two servers. </span><br>

        </div>

        <div><span style="color:rgb(32,33,36);font-family:Roboto,sans-serif;font-size:14px;white-space:pre-wrap;background-color:rgba(32,33,36,0.04)">

calls originating to the first server adding identity header and when sending calls to the second server for verification service at the time of verification service i am  getting below error  . </span></div>

        <div><span style="color:rgb(32,33,36);font-family:Roboto,sans-serif;font-size:14px;white-space:pre-wrap;background-color:rgba(32,33,36,0.04)">

</span></div>

        <div><span style="color:rgb(32,33,36);font-family:Roboto,sans-serif;font-size:14px;white-space:pre-wrap;background-color:rgba(32,33,36,0.04)">error :437 , Unsupported Credential , Verification Fails with Return code :-8

<a class="moz-txt-link-freetext" href="INFO:stir_shaken:verify_callback">INFO:stir_shaken:verify_callback</a>: certificate validation failed: self signed certificate

<a class="moz-txt-link-freetext" href="INFO:stir_shaken:w_stir_verify">INFO:stir_shaken:w_stir_verify</a>: Invalid certificate</span></div>

        <div><span style="color:rgb(32,33,36);font-family:Roboto,sans-serif;font-size:14px;white-space:pre-wrap;background-color:rgba(32,33,36,0.04)">OpenSIPS Version : 3.2.2

I generate certificate using domain which mapped with those 2 server : </span><a href="https://github.com/OpenSIPIt/OpenSIPIt_00/blob/master/STIR_SHAKEN/Certgen/gencert.sh" target="_blank" dir="ltr" rel="noopener nofollow noreferrer" class="gmail-oiM5sf moz-txt-link-freetext" style="text-decoration-line:none;background:rgba(32,33,36,0.04);font-size:14px;margin:0px;padding:0px;vertical-align:baseline;font-family:Roboto,sans-serif;white-space:pre-wrap" moz-do-not-send="true">https://github.com/OpenSIPIt/OpenSIPIt_00/blob/master/STIR_SHAKEN/Certgen/gencert.sh</a><span style="color:rgb(32,33,36);font-family:Roboto,sans-serif;font-size:14px;white-space:pre-wrap;background-color:rgba(32,33,36,0.04)">

</span></div>

        <div><span style="color:rgb(32,33,36);font-family:Roboto,sans-serif;font-size:14px;white-space:pre-wrap;background-color:rgba(32,33,36,0.04)">When the same server generates an identity header and verifies it at that time not getting an issue call is working fine  but when the identity header generated by server 1 and going to verify it by server 2 we get this above error.

</span></div>

        <div><span style="color:rgb(32,33,36);font-family:Roboto,sans-serif;font-size:14px;white-space:pre-wrap;background-color:rgba(32,33,36,0.04)">Is it related to the URL which is in the info param ? 

When I open that URL in the browser I am able to see the certificate. </span></div>

        <div><span style="color:rgb(32,33,36);font-family:Roboto,sans-serif;font-size:14px;white-space:pre-wrap;background-color:rgba(32,33,36,0.04)">

</span></div>

        <div><span style="color:rgb(32,33,36);font-family:Roboto,sans-serif;font-size:14px;white-space:pre-wrap;background-color:rgba(32,33,36,0.04)">Please suggest a solution for this issue.</span><br>

        </div>

        <div><span style="color:rgb(32,33,36);font-family:Roboto,sans-serif;font-size:14px;white-space:pre-wrap;background-color:rgba(32,33,36,0.04)">

</span></div>

        <div><span style="color:rgb(32,33,36);font-family:Roboto,sans-serif;font-size:14px;white-space:pre-wrap;background-color:rgba(32,33,36,0.04)">Regards </span></div>

        <div><span style="color:rgb(32,33,36);font-family:Roboto,sans-serif;font-size:14px;white-space:pre-wrap;background-color:rgba(32,33,36,0.04)">Devang Dhandhalya</span></div>

      </div>

      <br>

      <div><font style="background-color:white" size="2" face="Arial"

          color="#808080"><b>Disclaimer</b></font></div>

      <div>

        <div><span

style="background-color:white;color:rgb(128,128,128);font-family:Arial;font-size:small">In

            addition to generic Disclaimer which you have agreed on our

            website, any views or opinions presented in this email are

            solely those of the originator and do not necessarily

            represent those of the Company or its sister concerns. Any

            liability (in negligence, contract or otherwise) arising

            from any third party taking any action, or refraining from

            taking any action on the basis of any of the information

            contained in this email is hereby excluded.</span></div>

      </div>

      <div><span

style="background-color:white;color:rgb(128,128,128);font-family:Arial;font-size:small"><br>

        </span></div>

      <div><font style="background-color:white" size="2" face="Arial"

          color="#808080"><b>Confidentiality</b></font></div>

      <div><font style="background-color:white" size="2" face="Arial"

          color="#808080">This communication (including any

          attachment/s) is intended only for the use of the addressee(s)

          and contains information that is PRIVILEGED AND CONFIDENTIAL.

          Unauthorized reading, dissemination, distribution, or copying

          of this communication is prohibited. Please inform originator

          if you have received it in error.</font></div>

      <div><font style="background-color:white" size="2" face="Arial"

          color="#808080"><br>

        </font></div>

      <div><span

style="background-color:white;color:rgb(128,128,128);font-family:Arial;font-size:small"><b>Caution

            for viruses, malware etc.</b></span></div>

      <div><font style="background-color:white" size="2" face="Arial"

          color="#808080">This communication, including any attachments,

          may not be free of viruses, trojans, similar or new

          contaminants/malware, interceptions or interference, and may

          not be compatible with your systems. You shall carry out

          virus/malware scanning on your own before opening any

          attachment to this e-mail. The sender of this e-mail and

          Company including its sister concerns shall not be liable for

          any damage that may incur to you as a result of viruses,

          incompleteness of this message, a delay in receipt of this

          message or any other computer problems. </font></div>

      <br>

      <fieldset class="moz-mime-attachment-header"></fieldset>

      <pre class="moz-quote-pre" wrap="">_______________________________________________

Users mailing list

<a class="moz-txt-link-abbreviated" href="mailto:Users@lists.opensips.org">Users@lists.opensips.org</a>

<a class="moz-txt-link-freetext" href="http://lists.opensips.org/cgi-bin/mailman/listinfo/users">http://lists.opensips.org/cgi-bin/mailman/listinfo/users</a>

</pre>

    </blockquote>

  </body>

</html>