Websocket连接失败,带星号11
我正在尝试将websocket配置为使用星号11。但也有一些问题。 我所采取的步骤如下: 在http.conf中,启用了以下Websocket连接失败,带星号11,websocket,asterisk,webrtc,rtp,dtls,Websocket,Asterisk,Webrtc,Rtp,Dtls,我正在尝试将websocket配置为使用星号11。但也有一些问题。 我所采取的步骤如下: 在http.conf中,启用了以下 enabled=yes bindaddr=0.0.0.0 bindport=8088 我还配置了带有DTLS支持的星号。 但当我尝试连接到websocket时,新的websocket(“ws://mySeverIp:8088/ws”)。它抛出了一个错误 WebSocket connection failed: Error during WebSocket ha
enabled=yes
bindaddr=0.0.0.0
bindport=8088
WebSocket connection failed: Error during WebSocket handshake: Unexpected response code: 400
谢谢这里是完整的安装指南。请让我知道这是否解决了您的问题。 星号还提供了一个 安装SRTP:
cd ~
git clone https://github.com/cisco/libsrtp.git
cd libsrtp/
autoconf
./configure CFLAGS=-fPIC --prefix=/usr
make
make runtest
sudo make install
cd ~
git clone https://github.com/asterisk/pjproject pjproject
cd pjproject/
./configure --prefix=/usr --enable-shared --disable-sound --disable-resample --disable-video --disable-opencore-amr --with-external-srtp
make
sudo make install
cd ~
wget http://downloads.asterisk.org/pub/telephony/asterisk/asterisk-11-current.tar.gz
tar -xzf asterisk-11-current.tar.gz
cd asterisk*/contrib/scripts
sudo mkdir /etc/asterisk/
sudo mkdir /etc/asterisk/keys/
### Replace 10.x.x.x by the IP adress of your server. 10.x.x.x is intern, use a public IP if your Asterisk will be exposed over Internet.
sudo ./ast_tls_cert -C 10.x.x.x -O "Your Company" -d /etc/asterisk/keys
本例中的证书路径是
/etc/asterisk/keys/asterisk.pempbx\u realtimeres\u odbcres\u http\u websocketres\u cryptochan\u sipmake
sudo make install
sudo make config
## Recommended demo conf files with :
sudo make samples
cd ~
/etc/asterisk/http.confsippeersdtlscertfiledtlsprivatekey[default]
exten => 1060,1,Dial(SIP/1060) ; Dialing 1060 will call the SIP client registered to 1060
exten => 1061,1,Dial(SIP/1061) ; Dialing 1061 will call the SIP client registered to 1061
sudo service asterisk start
[Ubuntu] :
sudo ufw allow 5060 (or whatever port you have choosen in sip.conf `udpbindaddr=10.x.x.x:5060; tcpbindaddr=10.x.x.x:5060;tlsbindaddr=10.x.x.x:5061`)
sudo ufw allow 5061
sudo ufw allow 8088 (or whatever port you have choosen in http.conf : `bindport=8088`)
sudo ufw allow 8089 (or whatever port you have choosen in http.conf : `tlsbindaddr=10.x.x.x:8089`)
sudo ufw allow 10000:20000/udp (or whatever range you have choosen in rtp.conf : `rtpstart=10000; rtpend=20000`)
[or if you are on Debian] :
sudo iptables -A INPUT -p tcp --dport 5060 -j ACCEPT
sudo iptables -A INPUT -p tcp --dport 5061 -j ACCEPT
sudo iptables -A INPUT -p tcp --dport 8088 -j ACCEPT
sudo iptables -A INPUT -p tcp --dport 8089 -j ACCEPT
sudo iptables -A INPUT -p tcp --match multiport --dports 10000:20000 -j ACCEPT
sudo服务星号重新启动sudo apt get Install WSCAT–y安装WSCAT
## If error "connect ECONNREFUSED" it's not OK.
## If Echo service returns your messages, it's OK.
wscat -s echo -c ws://10.x.x.x:8088/ws
## The same command with WSS should work if you've installed WSS.
使用Javascript客户端(如JsSIP、sipML5、WebRTComm等)通过WebSocket测试SIP
使用sudo asterisk-vv-g-dddddd-r
访问SIP控制台以进行调试和跟踪
要对星号12执行相同的操作,只需在Asterisk install中将Asterisk-11替换为Asterisk-12即可
在这里,您可以使用Realtime、WS、WSS(ommitting ODBC conf)找到星号12的完整conf文件。我发布它是因为您可能会发现检查安装中是否缺少某些参数是有用的:
http.conf
;
; Asterisk Builtin mini-HTTP server
;
[general]
enabled=yes;
bindaddr=10.x.x.x;
bindport=8088;
tlsenable=yes ; enable tls - default no.
tlsbindaddr=10.x.x.x:8089 ; address and port to bind to - default is bindaddr and port 8089.
tlscertfile=/etc/asterisk/keys/asterisk.pem ; path to the certificate file (*.pem) only.
tlsprivatekey=/etc/asterisk/keys/asterisk.pem ; path to private key file (*.pem) only.
extensions.conf(专为实时设计!!)
modules.conf(专为实时设计!!!)
extconfig.conf(专为实时设计!!!)
asterisk.conf
[directories](!)
astetcdir => /etc/asterisk
astmoddir => /usr/lib/asterisk/modules
astvarlibdir => /var/lib/asterisk
astdbdir => /var/lib/asterisk
astkeydir => /var/lib/asterisk
astdatadir => /var/lib/asterisk
astagidir => /var/lib/asterisk/agi-bin
astspooldir => /var/spool/asterisk
astrundir => /var/run/asterisk
astlogdir => /var/log/asterisk
astsbindir => /usr/sbin
[options];
verbose = 3;
debug = 3;
highpriority = yes ; Run realtime priority (same as -p at startup).
initcrypto = yes ; Initialize crypto keys (same as -i at startup).
[compat];
pbx_realtime=1.6;
res_agi=1.6;
app_set=1.6;
rtp.conf
;
; RTP Configuration
;
[general];
rtpstart=10000;
rtpend=20000;
icesupport=true;
stunaddr=stun.l.google.com:19302;
sip.conf
;
; SIP Configuration for Asterisk
;
[general]
context=default ; Default context for incoming calls. Defaults to 'default'
allowoverlap=no ; Disable overlap dialing support. (Default is yes)
realm=YourAsteriskREALM ; Realm for digest authentication
; defaults to "asterisk". If you set a system name in
; asterisk.conf, it defaults to that system name
; Realms MUST be globally unique according to RFC 3261
; Set this to your host name or domain name
udpbindaddr=10.x.x.x ; IP address to bind UDP listen socket to (0.0.0.0 binds to all)
; Optionally add a port number, 192.168.1.1:5062 (default is port 5060)
videosupport=yes ; Turn on support for SIP video. You need to turn this
; on in this section to get any video support at all.
; You can turn it off on a per peer basis if the general
; video support is enabled, but you can't enable it for
; one peer only without enabling in the general section.
; If you set videosupport to "always", then RTP ports will
; always be set up for video, even on clients that don't
; support it. This assists callfile-derived calls and
; certain transferred calls to use always use video when
; available. [yes|NO|always]
rtsavepath=yes ; If using dynamic realtime, store the path headers
send_diversion=no ; Default "yes" ; Asterisk normally sends Diversion headers with certain SIP
; invites to relay data about forwarded calls. If this option
; is disabled, Asterisk won't send Diversion headers unless
; they are added manually.
rtpkeepalive=2 ; Send keepalives in the RTP stream to keep NAT open (default is off - zero)(secs)
;--------------------------- SIP DEBUGGING ---------------------------------------------------
sipdebug = yes ; Turn on SIP debugging by default, from
; the moment the channel loads this configuration
icesupport = yes;
;----------------------------------------- REALTIME SUPPORT ------------------------
; For additional information on ARA, the Asterisk Realtime Architecture,
; please read https://wiki.asterisk.org/wiki/display/AST/Realtime+Database+Configuration
;
rtcachefriends=yes ; Cache realtime friends by adding them to the internal list
; just like friends added from the config file only on a
; as-needed basis? (yes|no)
rtsavesysname=yes ; Save systemname in realtime database at registration
; Default= no
rtupdate=yes ; Send registry updates to database using realtime? (yes|no)
; If set to yes, when a SIP UA registers successfully, the ip address,
; the origination port, the registration period, and the username of
; the UA will be set to database via realtime.
; If not present, defaults to 'yes'. Note: realtime peers will
; probably not function across reloads in the way that you expect, if
; you turn this option off.
rtautoclear=yes ; Auto-Expire friends created on the fly on the same schedule
; as if it had just registered? (yes|no|<seconds>)
; If set to yes, when the registration expires, the friend will
; vanish from the configuration until requested again. If set
; to an integer, friends expire within this number of seconds
; instead of the registration interval.
[authentication]
;
; DTLS-SRTP CONFIGURATION
;
dtlsenable = yes ; Enable or disable DTLS-SRTP support
dtlsverify = no ; Verify that provided peer certificate and fingerprint are valid
dtlscertfile=/etc/asterisk/keys/asterisk.pem ; Path to certificate file to present
dtlsprivatekey=/etc/asterisk/keys/asterisk.pem ; Path to private key for certificate file
dtlssetup = actpass ; Whether we are willing to accept connections, connect to the other party, or both.
[basic-options](!) ; a template
dtmfmode=rfc2833
context=from-office
type=friend
[natted-phone](!,basic-options) ; another template inheriting basic-options
directmedia=no
host=dynamic
[public-phone](!,basic-options) ; another template inheriting basic-options
directmedia=yes
[my-codecs](!) ; a template for my preferred codecs
disallow=all
allow=ilbc
allow=g729
allow=gsm
allow=g723
allow=ulaw
[ulaw-phone](!) ; and another one for ulaw-only
disallow=all
allow=ulaw
[1060] ; This will be WebRTC client
type=friend
username=1060 ; The Auth user for SIP.js
host=dynamic ; Allows any host to register
secret=password ; The SIP Password for SIP.js
encryption=yes ; Tell Asterisk to use encryption for this peer
avpf=yes ; Tell Asterisk to use AVPF for this peer
icesupport=yes ; Tell Asterisk to use ICE for this peer
context=default ; Tell Asterisk which context to use when this peer is dialing
directmedia=no ; Asterisk will relay media for this peer
transport=udp,ws ; Asterisk will allow this peer to register on UDP or WebSockets
force_avp=yes ; Force Asterisk to use avp. Introduced in Asterisk 11.11
dtlsenable=yes ; Tell Asterisk to enable DTLS for this peer
dtlsverify=no ; Tell Asterisk to not verify your DTLS certs
dtlscertfile=/etc/asterisk/keys/asterisk.pem ; Tell Asterisk where your DTLS cert file is
dtlsprivatekey=/etc/asterisk/keys/asterisk.pem ; Tell Asterisk where your DTLS private key is
dtlssetup=actpass ; Tell Asterisk to use actpass SDP parameter when setting up DTLS
[1061] ; This will be the legacy SIP client
type=friend
username=1061
host=dynamic
secret=password
context=default
如果使用Realtime,请插入以下通用拨号计划:
INSERT INTO `extensions` ( `context`, `exten`, `priority`, `app`, `appdata` ) VALUES ( 'default', '_X.', 1, 'Dial', 'SIP/${EXTEN}' );
将证书详细信息添加到http.conf。以下几点对我有用
tlsenable=yes
tlsbindaddr=0.0.0.0:8089
tlscertfile=/path-to/cert.pem
tlsprivatekey=/path-to/privkey.pem
请发布完整的http.conf、sip.conf和模块列表(在CLI中:show modules
)。同时激活SIP调试(SIP set debug on
)并在尝试呼叫时监视CLI。把整件事都写在你的问题里。记住编辑您发布的conf内容以隐藏密码/服务器地址。你关注维基帖子了吗?
[general]
[globals]
;
[default]
switch =>Realtime
[modules]
autoload=yes
preload => res_odbc.so
preload => res_config_odbc.so
noload => pbx_gtkconsole.so
load => res_musiconhold.so
noload => chan_alsa.so
noload => chan_console.so
[settings]
sippeers => odbc,YourAsteriskrealtimeDB,sippeers
sipusers => odbc,YourAsteriskrealtimeDB,sippeers
extensions => odbc,YourAsteriskrealtimeDB,extensions
ps_endpoints => odbc,YourAsteriskrealtimeDB,ps_endpoints
ps_auths => odbc,YourAsteriskrealtimeDB,ps_auths
[directories](!)
astetcdir => /etc/asterisk
astmoddir => /usr/lib/asterisk/modules
astvarlibdir => /var/lib/asterisk
astdbdir => /var/lib/asterisk
astkeydir => /var/lib/asterisk
astdatadir => /var/lib/asterisk
astagidir => /var/lib/asterisk/agi-bin
astspooldir => /var/spool/asterisk
astrundir => /var/run/asterisk
astlogdir => /var/log/asterisk
astsbindir => /usr/sbin
[options];
verbose = 3;
debug = 3;
highpriority = yes ; Run realtime priority (same as -p at startup).
initcrypto = yes ; Initialize crypto keys (same as -i at startup).
[compat];
pbx_realtime=1.6;
res_agi=1.6;
app_set=1.6;
;
; RTP Configuration
;
[general];
rtpstart=10000;
rtpend=20000;
icesupport=true;
stunaddr=stun.l.google.com:19302;
;
; SIP Configuration for Asterisk
;
[general]
context=default ; Default context for incoming calls. Defaults to 'default'
allowoverlap=no ; Disable overlap dialing support. (Default is yes)
realm=YourAsteriskREALM ; Realm for digest authentication
; defaults to "asterisk". If you set a system name in
; asterisk.conf, it defaults to that system name
; Realms MUST be globally unique according to RFC 3261
; Set this to your host name or domain name
udpbindaddr=10.x.x.x ; IP address to bind UDP listen socket to (0.0.0.0 binds to all)
; Optionally add a port number, 192.168.1.1:5062 (default is port 5060)
videosupport=yes ; Turn on support for SIP video. You need to turn this
; on in this section to get any video support at all.
; You can turn it off on a per peer basis if the general
; video support is enabled, but you can't enable it for
; one peer only without enabling in the general section.
; If you set videosupport to "always", then RTP ports will
; always be set up for video, even on clients that don't
; support it. This assists callfile-derived calls and
; certain transferred calls to use always use video when
; available. [yes|NO|always]
rtsavepath=yes ; If using dynamic realtime, store the path headers
send_diversion=no ; Default "yes" ; Asterisk normally sends Diversion headers with certain SIP
; invites to relay data about forwarded calls. If this option
; is disabled, Asterisk won't send Diversion headers unless
; they are added manually.
rtpkeepalive=2 ; Send keepalives in the RTP stream to keep NAT open (default is off - zero)(secs)
;--------------------------- SIP DEBUGGING ---------------------------------------------------
sipdebug = yes ; Turn on SIP debugging by default, from
; the moment the channel loads this configuration
icesupport = yes;
;----------------------------------------- REALTIME SUPPORT ------------------------
; For additional information on ARA, the Asterisk Realtime Architecture,
; please read https://wiki.asterisk.org/wiki/display/AST/Realtime+Database+Configuration
;
rtcachefriends=yes ; Cache realtime friends by adding them to the internal list
; just like friends added from the config file only on a
; as-needed basis? (yes|no)
rtsavesysname=yes ; Save systemname in realtime database at registration
; Default= no
rtupdate=yes ; Send registry updates to database using realtime? (yes|no)
; If set to yes, when a SIP UA registers successfully, the ip address,
; the origination port, the registration period, and the username of
; the UA will be set to database via realtime.
; If not present, defaults to 'yes'. Note: realtime peers will
; probably not function across reloads in the way that you expect, if
; you turn this option off.
rtautoclear=yes ; Auto-Expire friends created on the fly on the same schedule
; as if it had just registered? (yes|no|<seconds>)
; If set to yes, when the registration expires, the friend will
; vanish from the configuration until requested again. If set
; to an integer, friends expire within this number of seconds
; instead of the registration interval.
[authentication]
;
; DTLS-SRTP CONFIGURATION
;
dtlsenable = yes ; Enable or disable DTLS-SRTP support
dtlsverify = no ; Verify that provided peer certificate and fingerprint are valid
dtlscertfile=/etc/asterisk/keys/asterisk.pem ; Path to certificate file to present
dtlsprivatekey=/etc/asterisk/keys/asterisk.pem ; Path to private key for certificate file
dtlssetup = actpass ; Whether we are willing to accept connections, connect to the other party, or both.
[basic-options](!) ; a template
dtmfmode=rfc2833
context=from-office
type=friend
[natted-phone](!,basic-options) ; another template inheriting basic-options
directmedia=no
host=dynamic
[public-phone](!,basic-options) ; another template inheriting basic-options
directmedia=yes
[my-codecs](!) ; a template for my preferred codecs
disallow=all
allow=ilbc
allow=g729
allow=gsm
allow=g723
allow=ulaw
[ulaw-phone](!) ; and another one for ulaw-only
disallow=all
allow=ulaw
[1060] ; This will be WebRTC client
type=friend
username=1060 ; The Auth user for SIP.js
host=dynamic ; Allows any host to register
secret=password ; The SIP Password for SIP.js
encryption=yes ; Tell Asterisk to use encryption for this peer
avpf=yes ; Tell Asterisk to use AVPF for this peer
icesupport=yes ; Tell Asterisk to use ICE for this peer
context=default ; Tell Asterisk which context to use when this peer is dialing
directmedia=no ; Asterisk will relay media for this peer
transport=udp,ws ; Asterisk will allow this peer to register on UDP or WebSockets
force_avp=yes ; Force Asterisk to use avp. Introduced in Asterisk 11.11
dtlsenable=yes ; Tell Asterisk to enable DTLS for this peer
dtlsverify=no ; Tell Asterisk to not verify your DTLS certs
dtlscertfile=/etc/asterisk/keys/asterisk.pem ; Tell Asterisk where your DTLS cert file is
dtlsprivatekey=/etc/asterisk/keys/asterisk.pem ; Tell Asterisk where your DTLS private key is
dtlssetup=actpass ; Tell Asterisk to use actpass SDP parameter when setting up DTLS
[1061] ; This will be the legacy SIP client
type=friend
username=1061
host=dynamic
secret=password
context=default
[YourAsteriskrealtimeDB]
enabled => yes
dsn => your-asterisk-BD-connector-name-as-defined-in-file-odbcinst.ini
username => YourMySQLUser
password => YourMySQLPassword
pre-connect => yes
INSERT INTO `extensions` ( `context`, `exten`, `priority`, `app`, `appdata` ) VALUES ( 'default', '_X.', 1, 'Dial', 'SIP/${EXTEN}' );
tlsenable=yes
tlsbindaddr=0.0.0.0:8089
tlscertfile=/path-to/cert.pem
tlsprivatekey=/path-to/privkey.pem