Im using JSSIP version 3.10 and Asterisk 20 to authenticate an SIP over WebRTC. The problem is: When i make the register to my asterisk server using “ws” it works perfectly fine but when i use “wss” the JSSIP says it’s registered but in asterisk itself it keeps “UNREACHABLE” and this message keep shown:
chan_sip.c:4356 __sip_reliable_xmit: Serious Network Trouble; __sip_xmit returns error for pkt data
The SSL certs has been generated by LetsEncrypt and its fully working and i copied them to /etc/asterisk/keys and gave them 750 perm and chown to “asterisk” role. The proof that the certs are working is that if i type in my browser: “https://MY_DOMAIN:8089/ws” it returns: “426 - Upgrade Required” and the browser recognize the cert.
My http.conf is this:
[general]
servername=Asterisk
enabled=yes
bindaddr=0.0.0.0
bindport=8088
tlsenable=yes
tlsbindaddr=0.0.0.0:8089
tlscertfile=/etc/asterisk/keys/fullchain.pem
tlsprivatekey=/etc/asterisk/keys/privkey.pem
My general sip.conf:
[general]
bindaddr=0.0.0.0
bindport=5060
transport=udp,tcp,ws,wss
nat=force_rport,comedia
tlsenable=yes
tlsbindaddr=0.0.0.0:5060
tlscertfile=/etc/asterisk/keys/fullchain.pem
tlsprivatekey=/etc/asterisk/keys/privkey.pem
allowexternaldomains=yes
#include sip_trunks.conf
#include sip_endpoints.conf
My peer:
[204]
type=friend
context=MY_CONTEXT
username=204
secret=MY_PASSWORD
host=dynamic
nat=force_port,comedia
canreinvite=no
disallow=all
allow=ulaw,alaw,opus
qualify=yes
qualifyfreq=60
rewritecontact=yes
encryption=no
avpf=yes
icesupport=yes
dtlsenable=yes
dtlsverify=fingerprint
dtlssetup=actpass
dtlscertfile=/etc/asterisk/keys/fullchain.pem
dtlsprivatekey=/etc/asterisk/keys/privkey.pem
directmedia=no
rtcp_mux=yes
And this is how im configuring my JSSIP:
let dados_aut_split = usuario.value.split('@')
let num_ramal = dados_aut_split[0]
let realm = dados_aut_split[1]
const socket_ramal = new JsSIP.WebSocketInterface(`wss://${realm}:8089/ws`);
const configuration = {
sockets: [socket_ramal],
uri: `sip:${usuario.value}`,
password: senha.value,
mediaConstraints: { audio: true, video: false }
};
ua = new JsSIP.UA(configuration);
Is there anything i could be doing wrong? i also could share some sip logs and other stuffs
PS: Im running a server inside AWS Infrasctructure and im already allowed the following ports over TCP/UDP: 10000-2000, 8088, 8089, 5060-5070