Brekeke SIP Server Wiki

Authentication Server

STIR/SHAKEN Authentication Server (STI-AS)

 

Note: Brekeke SIP Server Premium Edition is required.

 

 

1. Enable the STI-AS function

In the [STIR/SHAKEN AS] [STI-AS Settings] page, set “on” at the [On/Off].

 

 

2. Import the key

In the [STIR/SHAKEN AS] [STI-AS Keys] page, push [New Key] for adding new private key.

Item Description
Key ID ID for referencing the key from DialPlan
Key File Private key file in PEM or DER format
Certificate URL HTTPS/HTTP URL for the certificate file

The key with “Default” mark is selected automatically if matched DialPlan rules didn’t specify the preferred Key ID.

 

 

3. Enable the Event log (Optional)

In the [STIR/SHAKEN AS] > [STI-AS Settings] page, set “on” at the [Event Log].

 

 

4. Enable the Debug log (Optional)

In the [Diagnostics] > [Debug Logs] page, check [STIR/SHAKEN] category and push [Update].

 

 

5. Add DialPlan rule (Optional)

In the default, the STI-AS function automatically determines the attestation and insert Identity: header.
For tuning a STI-AS behavior, use DialPlan rules.

5.1. Variables

– Define the Attestation Indicator (“attest”)

Syntax:

&sti.as.attest = <ATTEST>

Example:

&sti.as.attest = A

 

– Use a certain key for signing Identity: header

Syntax:

&sti.as.keyid = <KEY-ID>

Example:

&sti.as.keyid = production

If no Key ID is specified, the default key will be used.

 

– Replace preexisting Identity: header

Syntax:

&sti.as.exist-identity = <MODE>

Example:

&sti.as.exist-identity = 1

Mode:
0 = Keep existing Identity: header and not insert new one. (default)
1 = Remove the existing Identity: header and insert new one
2 = Keep existing Identity: header and insert new one.

 

– Disable the adding of Identity: header

Syntax:

&sti.as.use = false

In the default, the STI-AS function adds Identity: header to all outgoing INVITE requests.

 

5.2. Sample DialPlan rules

Set the stored attest if the caller number is listed in the Alias database. Othwerwise set the attest ‘C‘.

[Matching Patterns]
$request = ^INVITE
From = sip:.*(\d{10})@

[Deploy Patterns]
&sti.as.attest = %{$alias.lookup( "%1", "tn", "C" )}

 

Yes No
Suggest Edit