Unable to do SIP calling between WebRTC clients



I am unable to generate certificates for webrtc. Getting below error to load res_srtp.so

*CLI> module load res_srtp.so
Unable to load module res_srtp.so
Command 'module load res_srtp.so ’ failed.
[May 17 18:11:42] WARNING[9254]: loader.c:1071 load_resource: Module ‘res_srtp.so’ already exists.


The module is already loaded. How are you generating certificates?


@jcolp Thanks for the reply.

We are generating certificates by using the below process. But we are unable to generate certificates.

mkdir /etc/asterisk/keys

cd /usr/src/asterisk-13.1.0/contrib/scripts

/ast_tls_cert -C pbx.mycompany.com -O “My Super Company” -d /etc/asterisk/keys

Next, we generate a client certificate for our SIP device.

./ast_tls_cert -m client -c /etc/asterisk/keys/ca.crt -k /etc/asterisk/keys/ca.key -C phone1.mycompany.com -O “My Super Company” -d /etc/asterisk/keys -o malcolm


What do you mean when you say “you are unable to generate certificates” - what exactly happens?


Getting below error while trying.

[root@Nipun scripts]# /ast_tls_cert -C pbx.mycompany.com -O “My Super Company” -d /etc/asterisk/keys
-bash: /ast_tls_cert: No such file or directory


That’s because you are not executing it correctly. It should be “./ast_tls_cert” not “/ast_tls_cert” - there is a period in front.


We have tried with that also. For that we are getting below error.

[root@Nipun scripts]# ./ast_tls_cert -C pbx.mycompany.com -O “My Super Company” -d /etc/asterisk/keys
hostname: Unknown host


The script gets the local hostname using “hostname -f” so it can be used in case one is not specified. This is failing on your system it seems, why that is I don’t know.


We are getting below error for “hostname -f”

[root@Nipun scripts]# hostname -f
hostname: Unknown host
[root@Nipun scripts]# hostname



I have two peers defined in Asterisk, which I am able to successfully register with. Signalling seems to be working nicely, as I am able to initiate and reject calls without any problems.

However, when I answer a call which is initiated, it terminates immediately. In the Asterisk logs, I see the following:-

WARNING[3931][C-00000009] res_rtp_asterisk.c: Could not set policies when setting up DTLS-SRTP on '0x7f752c001320’
WARNING[3931][C-00000009] res_rtp_asterisk.c: RTP Read error: Unspecified. Hanging up.


Another individual had that problem and they resolved it by using the latest version of libsrtp. What version are you using?


@jcolp Thanks for the reply.

We are using SRTP 1.4.4


The latest supported version is 1.5.4, I would suggest updating to that.



Please provide the link to download srtp 1.5.4



Google suggests that libsrtp is maintained in Cisco’s Github repo here:

And, if you browse around there, you can find links to the downloadable packages:

If I scroll down that page, I find a link to the .tar.gz package:


Building solutions based on toolkits is going to require you to be resourceful. When people make suggestions to you like “The latest supported version is 1.5.4, I would suggest updating to that,” the best thing you can do is some self-searching to see if you can find it. And, if you’re unsure about what you find, but asking as a question with what you’ve been able to learn, e.g.

“Is this (https://github.com/cisco/libsrtp/archive/v1.5.4.tar.gz) the correct thing to download?”

people are pleased to continue trying to help.



That is libsrtp not SRTP.

Please tell me, libsrtp and SRTP both are same. And please provide installation of libsrtp 1.5.4


SRTP is the name of the extension to RTP that does security, libsrtp is a library that implements it.


@jcolp Please post the link to download SRTP 1.5.4 and how to install SRTP 1.5.4


I have downloaded the libsrtp 1.5.4. Please someone tell me how to install that.


Read the readme file. Usually is with make && make install but read the docs provided with the package or hire a consultant to the the job.