Claim your Biolink Click Here
1 like 0 dislike
20.9k views
HOW TO SETUP WEBRTC or WebRTC based webphone for Vicidial
in Education & Reference by (4.6k points) | 20.9k views
0 0
vi /etc/asterisk/http.conf

[general]
servername=Asterisk
enabled=yes
bindaddr=0.0.0.0
bindport=8088
tlsenable=yes      
tlsbindaddr=0.0.0.0:8089
tlscertfile=/etc/letsencrypt/live/Domain.com/cert.pem
tlsprivatekey=/etc/letsencrypt/live/Domain.com/privkey.pem


vi /etc/asterisk/sip.conf

realm=domain
srvlookup=yes
transport=udp,wss,wss
avpf=yes
nat=force_rport,comedia


Vici-> Admin-> Templates -> Choose Template

type=friend
host=dynamic
context=trunkinbound
encryption=yes
avpf=yes
force_avp=yes
nat=comedia
disallow=all
allow=ulaw
allow=alaw
directmedia=no
icesupport=yes
dtlsenable=yes
dtlsverify=no
dtlscertfile=/etc/letsencrypt/live/Domain.com/cert.pem
dtlsprivatekey=/etc/letsencrypt/live/Domain.com/privkey.pem
dtlssetup=actpass
rtcp_mux=yes

Vici-> Admin-> Servers -> Choose Server
Web Socket URL: wss://Domain.com:8089/ws

Vici-> Admin-> System Settings
Default Webphone: 1
Webphone URL: https://domain.com/agc/webrtc2/viciphone.php

download viciphone from https://github.com/ccabrerar/ViciPhone

Vici-> Admin-> Phones -> Choose Phone
Set As Webphone: Y
Webphone Dialpad: Y
Webphone Auto-Answer: Y
Webphone Debug: N
Template ID: which you chosen template above

1 Answer

0 like 0 dislike

Vicidial Webphone WEBRTC - Asterisk 13.21

For SSL you will need buy the service from eg: namecheap.com and to generate CSR, please follow the below URL

http s://decoder.link/csr_generator/

It will provide you CSR and Private Key for the specific domain you want to use

Asterisk configuration

Enable and configure embedded asterisk web server.
Open /etc/asterisk/http.conf

Make sure you have following options congifured

[general]
enabled=yes
; Address to bind to, both for HTTP and HTTPS. You MUST specify
; a bindaddr in order for the HTTP server to run. There is no
; default value.
bindaddr=
bindport=8088
tlsenable=yes ; enable tls - default no.
tlsbindaddr=:8089 ; address and port to bind to - default is bindaddr and port 8089.
tlscertfile=/path/to/your/certificate.pem ; path to the certificate file (.pem) only.
tlsprivatekey=/path/to/your/privkey.pem ; path to private key file (
.pem) only.

; To produce a certificate you can rename .crt to .pem and rename .key to .pem

Configure chan_sip
1.Open /etc/asterisk/sip.conf
Add following lines
realm=
transport=udp,ws,wss
avpf=yes
srvlookup=yes

httpd configuration

1.configure httpd to use ssl certificates.
open vi /etc/httpd/conf.d/ssl.conf

SSL Engine Switch:

Enable/Disable SSL for this virtual host.

SSLEngine on

change patch to certificates

 #   Server Certificate:
 #   Point SSLCertificateFile at a PEM encoded certificate.  If
 #   the certificate is encrypted, then you will be prompted for a
 #   pass phrase.  Note that a kill -HUP will prompt again.  Keep
 #   in mind that if you have both an RSA and a DSA certificate you
 #   can configure both in parallel (to also allow the use of DSA
 #   ciphers, etc.)

 SSLCertificateFile /path/to/your/cert.pem

or
SSLCertificateFile /path/to/domain.crt

 #   Server Private Key:
 #   If the key is not combined with the certificate, use this
 #   directive to point at the key file.  Keep in mind that if
 #   you've both a RSA and a DSA private key you can configure
 #   both in parallel (to also allow the use of DSA ciphers, etc.)
 SSLCertificateKeyFile /path/to/your/privkey.pem

or
SSLCertificateFile /path/to/domain.key

 #   Server Certificate Chain:
 #   Point SSLCertificateChainFile at a file containing the
 #   concatenation of PEM encoded intermediate CA
 #   certificates which form the certificate chain for the
 #   server certificate. Alternatively the referenced file
 #   can be the same as SSLCertificateFile when the CA
 #   certificates are directly appended to the server
 #   certificate for convinience.
 #   SSLCertificateChainFile /path/to/your/fullchain.pem
  1. Force all connections to be secure

open /etc/httpd/conf/httpd.conf
add following

    NameVirtualHost *:443
    ServerAdmin *Emails are not allowed*
    ServerName domain.com
    DocumentRoot /var/www/html/
    SSLEngine on
    SSLCertificateFile /etc/httpd/ssl/domain.crt
    SSLCACertificateFile /etc/httpd/ssl/domain.ca-bundle
    SSLCertificateKeyFile /etc/httpd/ssl/domain.key


 RewriteEngine On
 RewriteCond %{HTTP S} off
 RewriteRule (.*) http s://%{HTTP_HOST}%{REQUEST_URI}
 ServerAdmin *Emails are not allowed*
 DocumentRoot /var/www/html/
 ServerName domain.com
 ServerAlias domain.com
 ErrorLog /var/www/html/error.log

  1. Restart httpd

systemctl restart httpd

Vicidial configuration

Configure Web phone URL
In vicidial ADMINISTRATION page change Admin->System Settings->Webphone URL: to PBXWebPhone/index.php OR viciphone/viciphone.php
Specify Web Socket URL:
Admin->Servers->-> Web Socket URL: to "wss://:8089/ws"
Enable Web phone in phone config
In vicidial ADMINISTRATION page change Admin->Phones->"Set As Webphone" to "Y"
Add ssl configuration to phone config
In vicidial ADMINISTRATION page go to Admin->Phones
Select Template ID: SIP_generic
Add following config to Conf Override:
``ini

avpf=yes
encryption=yes
icesupport=yes
avpf=yes
nat=comedia
directmedia=no 
dtlsenable=yes
dtlsverify=no 
dtlscertfile=/path/to/your/cert.pem  
dtlsprivatekey=/path/to/your/privkey.pem  
dtlssetup=actpass 

``
NOTE: Change /patch/to/your/*.pem to correct path on your server

TO Debug:

asterisk -vvvr

http show status

OUTPUT

HTTP Server Status:
Prefix:
Server: Asterisk/13.21.0-vici
Server Enabled and Bound to 1.1.1.1:8088

HTTPS Server Enabled and Bound to 1.1.1.1:8089

Enabled URI's:
/httpstatus => Asterisk HTTP General Status
/phoneprov/... => Asterisk HTTP Phone Provisioning Tool
/static/... => Asterisk HTTP Static Delivery
/ari/... => Asterisk RESTful API
/ws => Asterisk HTTP WebSocket

Enabled Redirects:
None.

and open

http s://IP:8089/ws

OUTPUT

Upgrade Required
Asterisk/13.21.0-vici

and websocket live debug

Open http s://IP/agc/PBXWebPhone/test.php

OUTPUT

Should show iframe

Alternate Phono is VICIPHONE

put the content of source into agc or mkdir webphone and put it in the source file as above we mentioned the path in Webphone URL

by (1.6k points)
0 0
<VirtualHost *:80>
     RewriteEngine On
     RewriteCond %{HTTPS} off
     RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
    ServerAdmin *Emails are not allowed*
     DocumentRoot /var/www/html/
     ServerName domain.com
     ServerAlias domain.com
     ErrorLog /var/www/html/error.log
</VirtualHost>

Related questions

1 like 0 dislike
1 answer
2 like 0 dislike
1 answer
asked Jun 2, 2020 in Education & Reference by Sam (1.6k points) | 741 views
0 like 0 dislike
1 answer
3 like 0 dislike
1 answer
asked May 27, 2021 in Education & Reference by Yogi (460 points) | 539 views
2 like 0 dislike
0 answers
asked May 31, 2020 in Education & Reference by Marc (4.6k points) | 290 views
2 like 0 dislike
2 answers
asked May 30, 2020 in Education & Reference by john (80 points) | 559 views
0 like 0 dislike
1 answer
1 like 0 dislike
1 answer
asked Jan 4, 2018 in Education & Reference by Simmi (830 points) | 490 views
2 like 1 dislike
2 answers
asked Nov 29, 2017 in Education & Reference by Sam (1.6k points) | 4.2k views
1 like 0 dislike
1 answer

Where your donation goes
Technology: We will utilize your donation for development, server maintenance and bandwidth management, etc for our site.

Employee and Projects: We have only 15 employees. They are involved in a wide sort of project works. Your valuable donation will definitely boost their work efficiency.

How can I earn points?
Awarded a Best Answer 10 points
Answer questions 10 points
Asking Question -20 points

1,308 questions
1,469 answers
568 comments
4,809 users