Vicidial Webphone WEBRTC - Asterisk 13.21
For SSL you will need buy the service from eg: namecheap.com and to generate CSR, please follow the below URL
http s://decoder.link/csr_generator/
It will provide you CSR and Private Key for the specific domain you want to use
Asterisk configuration
Enable and configure embedded asterisk web server.
Open /etc/asterisk/http.conf
Make sure you have following options congifured
[general]
enabled=yes
; Address to bind to, both for HTTP and HTTPS. You MUST specify
; a bindaddr in order for the HTTP server to run. There is no
; default value.
bindaddr=
bindport=8088
tlsenable=yes ; enable tls - default no.
tlsbindaddr=:8089 ; address and port to bind to - default is bindaddr and port 8089.
tlscertfile=/path/to/your/certificate.pem ; path to the certificate file (.pem) only.
tlsprivatekey=/path/to/your/privkey.pem ; path to private key file (.pem) only.
; To produce a certificate you can rename .crt to .pem and rename .key to .pem
Configure chan_sip
1.Open /etc/asterisk/sip.conf
Add following lines
realm=
transport=udp,ws,wss
avpf=yes
srvlookup=yes
httpd configuration
1.configure httpd to use ssl certificates.
open vi /etc/httpd/conf.d/ssl.conf
SSL Engine Switch:
Enable/Disable SSL for this virtual host.
SSLEngine on
change patch to certificates
# Server Certificate:
# Point SSLCertificateFile at a PEM encoded certificate. If
# the certificate is encrypted, then you will be prompted for a
# pass phrase. Note that a kill -HUP will prompt again. Keep
# in mind that if you have both an RSA and a DSA certificate you
# can configure both in parallel (to also allow the use of DSA
# ciphers, etc.)
SSLCertificateFile /path/to/your/cert.pem
or
SSLCertificateFile /path/to/domain.crt
# Server Private Key:
# If the key is not combined with the certificate, use this
# directive to point at the key file. Keep in mind that if
# you've both a RSA and a DSA private key you can configure
# both in parallel (to also allow the use of DSA ciphers, etc.)
SSLCertificateKeyFile /path/to/your/privkey.pem
or
SSLCertificateFile /path/to/domain.key
# Server Certificate Chain:
# Point SSLCertificateChainFile at a file containing the
# concatenation of PEM encoded intermediate CA
# certificates which form the certificate chain for the
# server certificate. Alternatively the referenced file
# can be the same as SSLCertificateFile when the CA
# certificates are directly appended to the server
# certificate for convinience.
# SSLCertificateChainFile /path/to/your/fullchain.pem
- Force all connections to be secure
open /etc/httpd/conf/httpd.conf
add following
NameVirtualHost *:443
ServerAdmin *Emails are not allowed*
ServerName domain.com
DocumentRoot /var/www/html/
SSLEngine on
SSLCertificateFile /etc/httpd/ssl/domain.crt
SSLCACertificateFile /etc/httpd/ssl/domain.ca-bundle
SSLCertificateKeyFile /etc/httpd/ssl/domain.key
RewriteEngine On
RewriteCond %{HTTP S} off
RewriteRule (.*) http s://%{HTTP_HOST}%{REQUEST_URI}
ServerAdmin *Emails are not allowed*
DocumentRoot /var/www/html/
ServerName domain.com
ServerAlias domain.com
ErrorLog /var/www/html/error.log
- Restart httpd
systemctl restart httpd
Vicidial configuration
Configure Web phone URL
In vicidial ADMINISTRATION page change Admin->System Settings->Webphone URL: to PBXWebPhone/index.php OR viciphone/viciphone.php
Specify Web Socket URL:
Admin->Servers->-> Web Socket URL: to "wss://:8089/ws"
Enable Web phone in phone config
In vicidial ADMINISTRATION page change Admin->Phones->"Set As Webphone" to "Y"
Add ssl configuration to phone config
In vicidial ADMINISTRATION page go to Admin->Phones
Select Template ID: SIP_generic
Add following config to Conf Override:
`
`ini
avpf=yes
encryption=yes
icesupport=yes
avpf=yes
nat=comedia
directmedia=no
dtlsenable=yes
dtlsverify=no
dtlscertfile=/path/to/your/cert.pem
dtlsprivatekey=/path/to/your/privkey.pem
dtlssetup=actpass
`
`
NOTE: Change /patch/to/your/*.pem to correct path on your server
TO Debug:
asterisk -vvvr
http show status
OUTPUT
HTTP Server Status:
Prefix:
Server: Asterisk/13.21.0-vici
Server Enabled and Bound to 1.1.1.1:8088
HTTPS Server Enabled and Bound to 1.1.1.1:8089
Enabled URI's:
/httpstatus => Asterisk HTTP General Status
/phoneprov/... => Asterisk HTTP Phone Provisioning Tool
/static/... => Asterisk HTTP Static Delivery
/ari/... => Asterisk RESTful API
/ws => Asterisk HTTP WebSocket
Enabled Redirects:
None.
and open
http s://IP:8089/ws
OUTPUT
Upgrade Required
Asterisk/13.21.0-vici
and websocket live debug
Open http s://IP/agc/PBXWebPhone/test.php
OUTPUT
Should show iframe
Alternate Phono is VICIPHONE
put the content of source into agc or mkdir webphone and put it in the source file as above we mentioned the path in Webphone URL