WebRTC Configuration guide
FOP2 includes a webrtc based phone plugin so you can make and receive calls directly from your browser.
You can install the plugin via the FOP2 Manager as any other plugin. But for it to work fully, your Asterisk backend must support webrtc and be configured accordingly.
This short guide will explain how to configure the basic WebRTC setup in your Asterisk/Issabel system. Adding webrtc support on your backend is mandatory for the plugin to work. If you need assistance with that, you will have to purchase the corresponding support from our Professional Services section.
Requirements
The WebRTC phone plugin was tested with Asterisk 11 & 13. New versions of Asterisk will probably work fine. Older versions won't work.
- Asterisk 11 or higher
- SSL Certificates configured
- Open port TCP/8089 on your Firewall
Configuring SSL certificates for Asterisk
This will work on Issabel and other Asterisk systems using Apache/Centos, for other setups you might need to change httpd config paths accordingly:
Note
Some systems already create the certificate file for you. For example, if you set up an SSL certificate via Letsencrypt on your Issabel PBX, this step should be skipped. You can verify the file existence just by using the ls command:
ls -la /etc/asterisk/keys/asterisk/pem
If the file is there, just skip this step.
We will use your server command line to create the proper certificates, so you must log into it via SSH/Putty.
First create a directory for storing the SSL keys
mkdir -p /etc/asterisk/keys
Then create a certificate file for Asterisk, based on your browser current certs:
for A in `grep '^SSLCert' /etc/httpd/conf.d/ssl.conf | grep -v chain | awk '{print $2}'`; do cat $A >>/etc/asterisk/keys/asterisk.pem; done
Once the file is created, change permissions to it:
chown -R asterisk.asterisk /etc/asterisk/keys
Enabling HTTPS support and certificate files in Asterisk
In order to configure HTTPS suport you must use unembeded IssabelPBX option. To enable it, go to Security / Advanced Settings and turn it on:
Once it is turned on, go to PBX / PBX Configuration and select the Unembedded IssabelPBX option (at the very bottom of the PBX menu)
Once clicked a new browser window will appear, look for the Settings / Advanced Settings menu there. You will have to configure it like in the following image:
It might happen that you do not see the above entries in the mini-HTTP server section. If that is the case, and only if you do not see the HTTPS options on Advanced Settings, you will need to manually insert some entries into a MariadB database. From the command line, copy and paste this command to do so (this is for Issabel Systems only. Have your MariaDB root password handy as you will be prompted for it.). Again, do not do this if you were able to setup the previous step:
mysql -u root -p asterisk -e "INSERT INTO issabelpbx_settings VALUES ('HTTPSBINDADDRESS','0.0.0.0:8089','HTTPS Bind Address/Port',2,'Address and port to bind to for HTTPS. Default is 127.0.0.1:8089','text','','127.0.0.1:8089',0,0,'Asterisk Builtin mini-HTTP server','',0,0),('HTTPSCERTFILE','/etc/asterisk/keys/cert.pem','Certificate file',2,'Full path to certificate file for HTTPS.','text','','/var/lib/asterisk/keys/localhost.crt',0,0,'Asterisk Builtin mini-HTTP server','',0,0),('HTTPSENABLED','1','Enable HTTPS support for the mini-HTTP Server',1,'Whether to enable HTTPS support for the Asterisk HTTP interface. Default is no.','bool','','0',0,0,'Asterisk Builtin mini-HTTP server','',0,0),('HTTPSPRIVATEKEY','/etc/asterisk/keys/priv.pem','Private key file',2,'Full path to private key file for HTTPS. If empty, default is to look into certificate file for private key.','text','','/var/lib/asterisk/keys/localhost.key',0,0,'Asterisk Builtin mini-HTTP server','',1,0);"
Configuring an Extension for WebRTC support
The last step is to configure a particular extension to enable WebRTC support. In your regular Issabel GUI go to PBX / PBX configuration / Extensions, select the SIP extension you want to modify to work via webrtc and set the following parameters:
That is all you need to do on your Asterisk/Issabel side.
Note
Do not forget to open up port TCP/8089 on your firewall in order for webRTC clients to connect to your Asterisk server.
Audio issues when Asterisk is behind NAT
If your Asterisk PBX is behind NAT, then most probably you will have no audio at all when placing WebRTC calls from the outside world. You must configure RTP so it can detect your public IP address and give the option to clients to negotiate from there (Similar to ExternIP configurations in SIP.conf).
To do so you must edit the file /etc/asterisk/rtp_custom.conf and add this:
icesupport=true
stunaddr=stun.alphacron.de:3478
After the change, be sure to reload Asterisk.