Difference between revisions of "MOR STIR/SHAKEN"

From Kolmisoft Wiki
Jump to navigationJump to search
Line 41: Line 41:
** '''None''' - no STIR/SHAKEN attestation is performed.
** '''None''' - no STIR/SHAKEN attestation is performed.
** '''By Number''' - STIR/SHAKEN attestation will depend '''only''' on CLI numbers configured in global '''Attestation X Number Pool''' settings. All CLIs without a configured STIR/SHAKEN attestation level will be ignored - no SIP Identity header will be added.
** '''By Number''' - STIR/SHAKEN attestation will depend '''only''' on CLI numbers configured in global '''Attestation X Number Pool''' settings. All CLIs without a configured STIR/SHAKEN attestation level will be ignored - no SIP Identity header will be added.
** '''A''', '''B''', '''C''' - attestation level to use, when CLI is not found in global '''Attestation X Number Pool'''.
** '''A''', '''B''', '''C''' - attestation level to use when CLI is not found in global '''Attestation X Number Pool'''.

Revision as of 22:37, 5 June 2025

About

MOR supports STIR/SHAKEN authentication (construction of the SIP Identity header).

Requirements

  • Latest Asterisk 20 (must be compiled after Mar 23, 2025)
  • Latest MOR X18
  • MOR Core 29.x.x
  • PJSIP (STIR/SHAKEN works only with PJSIP Devices)
  • Private key
  • Public certificate (.pem file or URL to certificate)

Note: PJSIP must be enabled by Kolmisoft support team.

Kolmisoft does not provide private key and public certificate. STIR/SHAKEN public certificate must be acquired from STIR/SHAKEN authorities.

Configuration

Global configuration

Global STIR/SHAKEN configuration is located in SETTINGS -> Setup -> STIR/SHAKEN.

Mor stirshaken global conf.png

  • Private Key - path to private key which was used to acquire STIR/SHAKEN certificate. Private key must be located in this path in all Asterisk servers.
  • Certificate Location
    • Local - STIR/SHAKEN certificate will be uploaded and hosted in MOR server (GUI server). SIP Identity header will contain URL to certificate: YOUR_HOSTNAME/billing/cert.pem
    • External - external STIR/SHAKEN certificate URL will be used to construct SIP Identity header.
  • Attestation A Number Pool - number pool to use as list of A attested CLI numbers. Calls from these numbers will have SIP Identity header with A attestation level.
  • Attestation B Number Pool - number pool to use as list of B attested CLI numbers. Calls from these numbers will have SIP Identity header with B attestation level.
  • Attestation C Number Pool - number pool to use as list of C attested CLI numbers. Calls from these numbers will have SIP Identity header with C attestation level.

Device/Provider configuration

STIR/SHAKEN attestation can be enabled in Device or Provider Advanced settings:

Mor stirshaken device provider settings.png

  • STIR/SHAKEN Attestation
    • None - no STIR/SHAKEN attestation is performed.
    • By Number - STIR/SHAKEN attestation will depend only on CLI numbers configured in global Attestation X Number Pool settings. All CLIs without a configured STIR/SHAKEN attestation level will be ignored - no SIP Identity header will be added.
    • A, B, C - attestation level to use when CLI is not found in global Attestation X Number Pool.
Retrieved from "https://wiki.kolmisoft.com/index.php?title=MOR_STIR/SHAKEN&oldid=30159"