Asterisk-WebRTC Server setup

Team,

We have enabled WebRTC in Asterisk 13. We created an aws instance(centos) , gave a domain name and installed a SSL certificate. WebRTC in Asterisk working fine with the mentioned setup.

But is it possible to enable webRTC in a local server meaning without domain name and SSL certificate?

Basically we need to enable WebRTC in AsteriskNow (Freepbx) environment.

Your limitation will come from the Browsers. You are not able to create the necessary Websocket connection to Asterisk without an SSL, and yes, the certificate will require a domain.

There are a number of ways to solve this, but without knowing your use-case, I can only suggest that if this is a purely LAN solution, then you use a .local domain and use a self-generated cert.

1 Like

Thanks @InnovateAsterisk for the quick response.

Currently we are using linphone as a SIP client in our applications.
But we planned to go for WebRTC so that we can avoid linphone dependency.
The available clients to test WebRTC in asterisk are Sipml5 and Jssip. Both are using Websocket as the transport protocol.

Following are our use cases :slight_smile:

  1. Asterisk will installed in Linux environment (Centos or Ubuntu) and the setup may in local or public environment
  2. FreePBX will be installed in Virtual box and the setup may in local or public environment

We have enabled WebRTC in public environment and it’s working fine.
But we don’t know whether it is possible in local environment or not.

As was already hinted, root certificates don’t have to be those of people like Verisign; you can have an organisation level CA, and I would suggest that bigger, security conscious, organisations would want to disable most of the standard CAs in their browser and add their own, organisation level, one.

Whilst I think it is possible to install a combined CA and working certificate (so called self signed certificate - although all top level certificates are actually self signed, not just just those used to directly authenticate servers), it doesn’t take much more to create a CA certificate and then sign a, separate, server certificate. You can than go on and create certificates to authenticate the WebRTC clients, etc.

This video covers almost all of the topics you are interested in. Although it is focused around the Raspberry Pi, Apache and the reverse proxy, you should be able to convert that to your own use case.