I have a setup where the user can make a call to Asterisk through WebRTC client or a normal sip client. The problem is for webRTC to work encryption is enabled (AVPF) so a normal sip client is unable to use these settings or when I remove encryption, WebRTC client is unable to connect to Asterisk, since it requires encryption.
Is there a way to have multiple realtime accounts in Asterisk for the same user - One with encryption enabled and other without, with Asterisk selecting the appropriate based on the incoming SIP request?
Not currently, no. PJSIP could get there easier in that the selection process is easily pluggable so a custom one could be written but such a thing does not exist. To do it in chan_sip would be a huge amount of effort.
There was discussion on the asterisk-dev mailing list a few months ago from someone expressing a desire to extend the configuration to allow a single endpoint to do the above and I provided feedback but I have not seen any patches from them to support this.
In the sort of hybrid environments that exist in the advent of WebRTC, in the absence of this feature would require separate Asterisk instances. Even then being unable to share user configs creating redundant setups difficult to scale.
Alternatively, is there a way to detect within dialplan where the call is coming from (WebRTC or SIP) and dynamically update user encryption details in database or provide Chan_sip with right user settings for the call?
Having thought about it, the simplest way is to create a Mysql view for each set of Asterisk servers pointing realtime to the specific view. Not ideal, but in the circumstances would suffice.
For this particular case, when you need to use normal & webrtc clients the best approach is to use a webrtc media gateway like the WebRTC2SIP gateway. You configure your clients like a simples SIP devices the gateway then translate to webrtc when it is needed.