Unable to do SIP calling between WebRTC clients


#41

Hi,

I am unable to generate certificates for webrtc. Getting below error to load res_srtp.so

*CLI> module load res_srtp.so
Unable to load module res_srtp.so
Command 'module load res_srtp.so ’ failed.
[May 17 18:11:42] WARNING[9254]: loader.c:1071 load_resource: Module ‘res_srtp.so’ already exists.


#42

The module is already loaded. How are you generating certificates?


#43

@jcolp Thanks for the reply.

We are generating certificates by using the below process. But we are unable to generate certificates.

mkdir /etc/asterisk/keys

cd /usr/src/asterisk-13.1.0/contrib/scripts

/ast_tls_cert -C pbx.mycompany.com -O “My Super Company” -d /etc/asterisk/keys

Next, we generate a client certificate for our SIP device.

./ast_tls_cert -m client -c /etc/asterisk/keys/ca.crt -k /etc/asterisk/keys/ca.key -C phone1.mycompany.com -O “My Super Company” -d /etc/asterisk/keys -o malcolm


#44

What do you mean when you say “you are unable to generate certificates” - what exactly happens?


#45

Getting below error while trying.

[root@Nipun scripts]# /ast_tls_cert -C pbx.mycompany.com -O “My Super Company” -d /etc/asterisk/keys
-bash: /ast_tls_cert: No such file or directory


#46

That’s because you are not executing it correctly. It should be “./ast_tls_cert” not “/ast_tls_cert” - there is a period in front.


#47

We have tried with that also. For that we are getting below error.

[root@Nipun scripts]# ./ast_tls_cert -C pbx.mycompany.com -O “My Super Company” -d /etc/asterisk/keys
hostname: Unknown host


#48

The script gets the local hostname using “hostname -f” so it can be used in case one is not specified. This is failing on your system it seems, why that is I don’t know.


#49

We are getting below error for “hostname -f”

[root@Nipun scripts]# hostname -f
hostname: Unknown host
[root@Nipun scripts]# hostname
Nipun


#50

@jcolp

I have two peers defined in Asterisk, which I am able to successfully register with. Signalling seems to be working nicely, as I am able to initiate and reject calls without any problems.

However, when I answer a call which is initiated, it terminates immediately. In the Asterisk logs, I see the following:-

WARNING[3931][C-00000009] res_rtp_asterisk.c: Could not set policies when setting up DTLS-SRTP on '0x7f752c001320’
WARNING[3931][C-00000009] res_rtp_asterisk.c: RTP Read error: Unspecified. Hanging up.


#51

Another individual had that problem and they resolved it by using the latest version of libsrtp. What version are you using?


#52

@jcolp Thanks for the reply.

We are using SRTP 1.4.4


#53

The latest supported version is 1.5.4, I would suggest updating to that.


#54

@jcolp

Please provide the link to download srtp 1.5.4


#55

Howdy,

Google suggests that libsrtp is maintained in Cisco’s Github repo here:

And, if you browse around there, you can find links to the downloadable packages:

If I scroll down that page, I find a link to the .tar.gz package:

https://github.com/cisco/libsrtp/archive/v1.5.4.tar.gz

Building solutions based on toolkits is going to require you to be resourceful. When people make suggestions to you like “The latest supported version is 1.5.4, I would suggest updating to that,” the best thing you can do is some self-searching to see if you can find it. And, if you’re unsure about what you find, but asking as a question with what you’ve been able to learn, e.g.

“Is this (https://github.com/cisco/libsrtp/archive/v1.5.4.tar.gz) the correct thing to download?”

people are pleased to continue trying to help.


#56

@malcolmd

That is libsrtp not SRTP.

Please tell me, libsrtp and SRTP both are same. And please provide installation of libsrtp 1.5.4


#57

SRTP is the name of the extension to RTP that does security, libsrtp is a library that implements it.


#58

@jcolp Please post the link to download SRTP 1.5.4 and how to install SRTP 1.5.4


#59

I have downloaded the libsrtp 1.5.4. Please someone tell me how to install that.


#60

Read the readme file. Usually is with make && make install but read the docs provided with the package or hire a consultant to the the job.