# Configure Class 4 The configuration is fully in dnl switch config file right now: /opt/denovo/dnl\_softswitch/conf/dnl\_softswitch.conf ``` [shaken] # Whether to use built-in or remote module. Default: use remote use_builtin = yes # # Built-in STIR/SHAKEN module configuration # Ignored if set use_builtin = no # # Iconectiv API account credentials iconectiv_user_id = xxx iconectiv_password = xxx # Whether to use staging environment (default: use production) # iconectiv_staging = yes # Trace HTTP requests to iconectiv API #iconectiv_trace = yes # SHAKEN STI-SP key to sign calls with sti_sp_key_path = /opt/denovo/dnl_softswitch/shaken/sti_sp_813T_ec.pem sti_sp_key_passphrase = ENfexxx5MbHxppJV # URL to SHAKEN STI-SP certificate to put in PASSporT sti_sp_x5u = http://certificates.peeringhub.io/0axxx0b4d93fdb0e628c577020c73b8a5caff750e7e499f80ee2ab362a3f6a.crt # Log all sign requests into a file sti_sp_sign_log = yes # Log all verification errors into a file sti_sp_verification_error_log = yes # Certificates cache location (default binary path /shaken_cache) #cert_cache_path = /opt/denovo/dnl_softswitch/shaken_cache # # External STIR/SHAKEN module configuration # Ignored if set use_builtin = yes # # Path to PEM certificate file for TLS connections #our_cert_file = # How many times to retry failed requests max_retry = 3 # Request timeout req_timeout = 0.5 # Connection failures timeout conn_timeout = 10 # How often to post status into c4_shaken_status table # Set 0 to disable. status_post_interval = 1 # Our bind address for UDP connections our_ip = 176.31.100.14 our_port = 15889 # Log all incoming and outgoing data (1 - true; 0 - false) enable_trace = 1 ``` After you configure the \[shaken] section, you need to restart the switch to make it effective. {% hint style="info" %} Configure built-in SHAKEN module in dnl\_softswitch.conf (use template from c4v7 stash >= v7.1.2-1), {% endhint %} \ Explanation of key stir-shaken parameters ----------------------------------------------- \[shaken] Make switch use built-in module instead of external ``` use_builtin = yes ``` Path to STI-SP private key for calls signing, and its passphrase (if required) ``` sti_sp_key_path = /opt/denovo/dnl_softswitch/certs/sti_sp_XXX.pem sti_sp_key_passphrase = 12345678 Public URL of STI-SP certificate sti_sp_x5u = http://certificates.peeringhub.io/XXXXX.crt ``` Log all signing operations and verification errors ``` sti_sp_sign_log = yes sti_sp_verification_error_log = yes ``` If server does not have access to iconectiv.com, make sure to delete/comment-out the corresponding configuration in the dnl\_softswitch.conf: ``` # Iconectiv API account credentials #iconectiv_user_id = sp_username #iconectiv_password = sp_password ``` {% hint style="info" %} In most cases, you just need to modify these following lines and leave the rest as default: sti\_sp\_key\_path - path to their private key to sign calls. sti\_sp\_key\_passphrase - password for this key, if it's encrypted. sti\_sp\_x5u - URL which can be used to download certificates. {% endhint %} --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://cookbook.denovolab.com/stir-shaken/configure-class-4.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.