我正在嘗試將websocket配置爲使用星號11.但存在一些問題。 我遵循的步驟是: 在啓用的http.conf以下Websocket連接失敗並顯示星號11
enabled=yes
bindaddr=0.0.0.0
bindport=8088
我也配置了DTLS支持星號。 但是,當我嘗試連接到websocket新的WebSocket(「ws:// mySeverIp:8088/ws」); 。它會引發錯誤
WebSocket connection failed: Error during WebSocket handshake: Unexpected response code: 400
任何人都請幫忙。
謝謝
這是一個完整的安裝指南。請讓我知道這是否解決了您的問題。 星號還提供了wiki post on the matter
安裝SRTP:
cd ~
git clone https://github.com/cisco/libsrtp.git
cd libsrtp/
autoconf
./configure CFLAGS=-fPIC --prefix=/usr
make
make runtest
sudo make install
安裝PJPROJECT:
cd ~
git clone https://github.com/asterisk/pjproject pjproject
cd pjproject/
./configure --prefix=/usr --enable-shared --disable-sound --disable-resample --disable-video --disable-opencore-amr --with-external-srtp
make
sudo make install
安裝UUID開發庫(不需要爲Asterisk 12):
cd ~
sudo apt-get install uuid-dev -y (for Debian & ubuntu, libuuid-devel for CentOS)
安裝星號11:
cd ~
wget http://downloads.asterisk.org/pub/telephony/asterisk/asterisk-11-current.tar.gz
tar -xzf asterisk-11-current.tar.gz
生成和SRTP安裝DTLS證書:
cd asterisk*/contrib/scripts
sudo mkdir /etc/asterisk/
sudo mkdir /etc/asterisk/keys/
要生成自簽名的SSL證書,請使用以下命令:
### Replace 10.x.x.x by the IP adress of your server. 10.x.x.x is intern, use a public IP if your Asterisk will be exposed over Internet.
sudo ./ast_tls_cert -C 10.x.x.x -O "Your Company" -d /etc/asterisk/keys
在這個過程中,你會被要求選擇一個關鍵。按下Enter鍵,每次輸入相同的密鑰並生效。
如果將證書頒發機構生成你的SSL證書,請使用以下方法:
http://codeghar.wordpress.com/2013/04/16/generate-certificate-signing-request-on-linux/ http://codeghar.wordpress.com/2013/04/16/use-private-certificate-authority-to-sign-certificate-signing-request-on-linux/
在這個例子中的證書路徑是/etc/asterisk/keys/asterisk.pem
安裝星號(是的,你需要使用PJPROJECT和LIBSRTP編譯星號):
cd ~
cd asterisk*
sudo ./configure --with-pjproject --with-ssl --with-srtp
make menuselect
檢查軟件包pbx_realtime,res_odbc,res_http_websocket,res_crypto和chan_sip被激活。這是在Asterisk中通過WS或WSS使用WebRTC的必備條件。
make
sudo make install
sudo make config
## Recommended demo conf files with :
sudo make samples
cd ~
激活在/etc/asterisk/http.conf的WebSockets ANS SecureWebSockets(文件,該文件管理的Apache HTTP網頁Asterisk的實例)。如果使用Asterisk Realtime(ODBC),則必須在每個對等項中指定文件(行dtlscertfile & dtlsprivatekey表sippeers)。 :
enabled=yes;
bindport=8088;
tlscertfile=/etc/asterisk/keys/asterisk.pem
tlsprivatekey=/etc/asterisk/keys/asterisk.pem
確保對文件夾權限都不錯:
sudo chown AsteriskUser. /var/run/asterisk
sudo chown -R AsteriskUser. /etc/asterisk
sudo chown -R AsteriskUser. /var/{lib,log,spool}/asterisk
sudo chown -R AsteriskUser. /usr/lib/asterisk
(通過運行Asterisk的服務用戶更換AsteriskUser)在sip.conf創建您的WebRTC同行(複製再拍用戶):
[1060] ; This will be WebRTC client
type=friend ;
username=1060 ; The Auth user for SIP.js
host=dynamic ; Allows any host to register
secret=password ; The SIP Password for SIP.js
encryption=yes ; Tell Asterisk to use encryption for this peer
avpf=yes ; Tell Asterisk to use AVPF for this peer
icesupport=yes ; Tell Asterisk to use ICE for this peer
context=default ; Tell Asterisk which context to use when this peer is dialing
directmedia=no ; Asterisk will relay media for this peer
transport=udp,ws,wss ; Asterisk will allow this peer to register on UDP or WebSockets
force_avp=yes ; Force Asterisk to use avp. Introduced in Asterisk 11.11
dtlsenable=yes ; Tell Asterisk to enable DTLS for this peer
dtlsverify=no ; Tell Asterisk to not verify your DTLS certs
dtlscertfile=/etc/asterisk/keys/asterisk.pem ; Tell Asterisk where your DTLS cert file is
dtlsprivatekey=/etc/asterisk/keys/asterisk.pem ; Tell Asterisk where your DTLS private key is
dtlssetup=actpass ; Tell Asterisk to use actpass SDP parameter when setting up DTLS
[1061] ; This will be the legacy SIP client
type=friend;
username=1061;
host=dynamic;
secret=password;
context=default;
編輯的extensions.conf讓每一個同行呼籲:
[default]
exten => 1060,1,Dial(SIP/1060) ; Dialing 1060 will call the SIP client registered to 1060
exten => 1061,1,Dial(SIP/1061) ; Dialing 1061 will call the SIP client registered to 1061
啓動Asterisk的服務:
sudo service asterisk start
打開所需的端口:
[Ubuntu] :
sudo ufw allow 5060 (or whatever port you have choosen in sip.conf `udpbindaddr=10.x.x.x:5060; tcpbindaddr=10.x.x.x:5060;tlsbindaddr=10.x.x.x:5061`)
sudo ufw allow 5061
sudo ufw allow 8088 (or whatever port you have choosen in http.conf : `bindport=8088`)
sudo ufw allow 8089 (or whatever port you have choosen in http.conf : `tlsbindaddr=10.x.x.x:8089`)
sudo ufw allow 10000:20000/udp (or whatever range you have choosen in rtp.conf : `rtpstart=10000; rtpend=20000`)
[or if you are on Debian] :
sudo iptables -A INPUT -p tcp --dport 5060 -j ACCEPT
sudo iptables -A INPUT -p tcp --dport 5061 -j ACCEPT
sudo iptables -A INPUT -p tcp --dport 8088 -j ACCEPT
sudo iptables -A INPUT -p tcp --dport 8089 -j ACCEPT
sudo iptables -A INPUT -p tcp --match multiport --dports 10000:20000 -j ACCEPT
重啓(或啓動)的服務:從另一臺機器sudo service asterisk restart
測試的WebSockets:與sudo apt-get install wscat –y
## If error "connect ECONNREFUSED" it's not OK.
## If Echo service returns your messages, it's OK.
wscat -s echo -c ws://10.x.x.x:8088/ws
## The same command with WSS should work if you've installed WSS.
使用JavaScript客戶端(例如JsSIP,sipML5,WebRTComm)測試您的SIP over WebSocket ...
使用sudo asterisk -vvvvvv -g -dddddd -r訪問SIP控制檯進行調試和跟蹤。
要做與Asterisk 12相同的工作,只需在Asterisk安裝中用Asterisk-12替換Asterisk-11即可。
在這裏,您可以使用Realtime,WS,WSS(省略ODBC conf)找到完整的Asterisk 12 conf文件。我張貼,因爲你可能會發現有用的檢查,如果一些參數在缺少你安裝:
的http.conf
;
; Asterisk Builtin mini-HTTP server
;
[general]
enabled=yes;
bindaddr=10.x.x.x;
bindport=8088;
tlsenable=yes ; enable tls - default no.
tlsbindaddr=10.x.x.x:8089 ; address and port to bind to - default is bindaddr and port 8089.
tlscertfile=/etc/asterisk/keys/asterisk.pem ; path to the certificate file (*.pem) only.
tlsprivatekey=/etc/asterisk/keys/asterisk.pem ; path to private key file (*.pem) only.
extensions.conf文件(用於實時做出!!)
[general]
[globals]
;
[default]
switch =>Realtime
modules.conf(用於Realtime !!!)
[modules]
autoload=yes
preload => res_odbc.so
preload => res_config_odbc.so
noload => pbx_gtkconsole.so
load => res_musiconhold.so
noload => chan_alsa.so
noload => chan_console.so
extconfig.conf(用於實時!!!)
[settings]
sippeers => odbc,YourAsteriskrealtimeDB,sippeers
sipusers => odbc,YourAsteriskrealtimeDB,sippeers
extensions => odbc,YourAsteriskrealtimeDB,extensions
ps_endpoints => odbc,YourAsteriskrealtimeDB,ps_endpoints
ps_auths => odbc,YourAsteriskrealtimeDB,ps_auths
的asterisk.conf
[directories](!)
astetcdir => /etc/asterisk
astmoddir => /usr/lib/asterisk/modules
astvarlibdir => /var/lib/asterisk
astdbdir => /var/lib/asterisk
astkeydir => /var/lib/asterisk
astdatadir => /var/lib/asterisk
astagidir => /var/lib/asterisk/agi-bin
astspooldir => /var/spool/asterisk
astrundir => /var/run/asterisk
astlogdir => /var/log/asterisk
astsbindir => /usr/sbin
[options];
verbose = 3;
debug = 3;
highpriority = yes ; Run realtime priority (same as -p at startup).
initcrypto = yes ; Initialize crypto keys (same as -i at startup).
[compat];
pbx_realtime=1.6;
res_agi=1.6;
app_set=1.6;
rtp.conf
;
; RTP Configuration
;
[general];
rtpstart=10000;
rtpend=20000;
icesupport=true;
stunaddr=stun.l.google.com:19302;
sip.conf
;
; SIP Configuration for Asterisk
;
[general]
context=default ; Default context for incoming calls. Defaults to 'default'
allowoverlap=no ; Disable overlap dialing support. (Default is yes)
realm=YourAsteriskREALM ; Realm for digest authentication
; defaults to "asterisk". If you set a system name in
; asterisk.conf, it defaults to that system name
; Realms MUST be globally unique according to RFC 3261
; Set this to your host name or domain name
udpbindaddr=10.x.x.x ; IP address to bind UDP listen socket to (0.0.0.0 binds to all)
; Optionally add a port number, 192.168.1.1:5062 (default is port 5060)
videosupport=yes ; Turn on support for SIP video. You need to turn this
; on in this section to get any video support at all.
; You can turn it off on a per peer basis if the general
; video support is enabled, but you can't enable it for
; one peer only without enabling in the general section.
; If you set videosupport to "always", then RTP ports will
; always be set up for video, even on clients that don't
; support it. This assists callfile-derived calls and
; certain transferred calls to use always use video when
; available. [yes|NO|always]
rtsavepath=yes ; If using dynamic realtime, store the path headers
send_diversion=no ; Default "yes" ; Asterisk normally sends Diversion headers with certain SIP
; invites to relay data about forwarded calls. If this option
; is disabled, Asterisk won't send Diversion headers unless
; they are added manually.
rtpkeepalive=2 ; Send keepalives in the RTP stream to keep NAT open (default is off - zero)(secs)
;--------------------------- SIP DEBUGGING ---------------------------------------------------
sipdebug = yes ; Turn on SIP debugging by default, from
; the moment the channel loads this configuration
icesupport = yes;
;----------------------------------------- REALTIME SUPPORT ------------------------
; For additional information on ARA, the Asterisk Realtime Architecture,
; please read https://wiki.asterisk.org/wiki/display/AST/Realtime+Database+Configuration
;
rtcachefriends=yes ; Cache realtime friends by adding them to the internal list
; just like friends added from the config file only on a
; as-needed basis? (yes|no)
rtsavesysname=yes ; Save systemname in realtime database at registration
; Default= no
rtupdate=yes ; Send registry updates to database using realtime? (yes|no)
; If set to yes, when a SIP UA registers successfully, the ip address,
; the origination port, the registration period, and the username of
; the UA will be set to database via realtime.
; If not present, defaults to 'yes'. Note: realtime peers will
; probably not function across reloads in the way that you expect, if
; you turn this option off.
rtautoclear=yes ; Auto-Expire friends created on the fly on the same schedule
; as if it had just registered? (yes|no|<seconds>)
; If set to yes, when the registration expires, the friend will
; vanish from the configuration until requested again. If set
; to an integer, friends expire within this number of seconds
; instead of the registration interval.
[authentication]
;
; DTLS-SRTP CONFIGURATION
;
dtlsenable = yes ; Enable or disable DTLS-SRTP support
dtlsverify = no ; Verify that provided peer certificate and fingerprint are valid
dtlscertfile=/etc/asterisk/keys/asterisk.pem ; Path to certificate file to present
dtlsprivatekey=/etc/asterisk/keys/asterisk.pem ; Path to private key for certificate file
dtlssetup = actpass ; Whether we are willing to accept connections, connect to the other party, or both.
[basic-options](!) ; a template
dtmfmode=rfc2833
context=from-office
type=friend
[natted-phone](!,basic-options) ; another template inheriting basic-options
directmedia=no
host=dynamic
[public-phone](!,basic-options) ; another template inheriting basic-options
directmedia=yes
[my-codecs](!) ; a template for my preferred codecs
disallow=all
allow=ilbc
allow=g729
allow=gsm
allow=g723
allow=ulaw
[ulaw-phone](!) ; and another one for ulaw-only
disallow=all
allow=ulaw
[1060] ; This will be WebRTC client
type=friend
username=1060 ; The Auth user for SIP.js
host=dynamic ; Allows any host to register
secret=password ; The SIP Password for SIP.js
encryption=yes ; Tell Asterisk to use encryption for this peer
avpf=yes ; Tell Asterisk to use AVPF for this peer
icesupport=yes ; Tell Asterisk to use ICE for this peer
context=default ; Tell Asterisk which context to use when this peer is dialing
directmedia=no ; Asterisk will relay media for this peer
transport=udp,ws ; Asterisk will allow this peer to register on UDP or WebSockets
force_avp=yes ; Force Asterisk to use avp. Introduced in Asterisk 11.11
dtlsenable=yes ; Tell Asterisk to enable DTLS for this peer
dtlsverify=no ; Tell Asterisk to not verify your DTLS certs
dtlscertfile=/etc/asterisk/keys/asterisk.pem ; Tell Asterisk where your DTLS cert file is
dtlsprivatekey=/etc/asterisk/keys/asterisk.pem ; Tell Asterisk where your DTLS private key is
dtlssetup=actpass ; Tell Asterisk to use actpass SDP parameter when setting up DTLS
[1061] ; This will be the legacy SIP client
type=friend
username=1061
host=dynamic
secret=password
context=default
res_odbc.conf(只爲Asterisk實時!!!!)
[YourAsteriskrealtimeDB]
enabled => yes
dsn => your-asterisk-BD-connector-name-as-defined-in-file-odbcinst.ini
username => YourMySQLUser
password => YourMySQLPassword
pre-connect => yes
如果使用實時,插入下面的通用撥號方案:
INSERT INTO `extensions` ( `context`, `exten`, `priority`, `app`, `appdata` ) VALUES ( 'default', '_X.', 1, 'Dial', 'SIP/${EXTEN}' );
添加證書細節的http.conf。以下爲我工作。
tlsenable=yes
tlsbindaddr=0.0.0.0:8089
tlscertfile=/path-to/cert.pem
tlsprivatekey=/path-to/privkey.pem
請發佈完整的http.conf,sip.conf和您的模塊列表(在CLI中:'show modules')。同時啓動SIP調試('sip set debug on')並在嘗試撥打電話時監控CLI。在你的問題中發佈整個事情。 **請記得編輯您發佈的conf的內容以隱藏密碼/服務器地址。**您是否已經關注了wiki [可在此處](https://wiki.asterisk.org/wiki/display/AST/Asterisk+WebRTC+支持)? – 2014-10-08 22:15:08