Websocket连接失败,带星号11
我正在尝试将websocket配置为使用星号11。但也有一些问题。 我所采取的步骤如下: 在http.conf中,启用了以下Websocket连接失败,带星号11,websocket,asterisk,webrtc,rtp,dtls,Websocket,Asterisk,Webrtc,Rtp,Dtls,我正在尝试将websocket配置为使用星号11。但也有一些问题。 我所采取的步骤如下: 在http.conf中,启用了以下 enabled=yes bindaddr=0.0.0.0 bindport=8088 我还配置了带有DTLS支持的星号。 但当我尝试连接到websocket时,新的websocket(“ws://mySeverIp:8088/ws”)。它抛出了一个错误 WebSocket connection failed: Error during WebSocket ha
enabled=yes
bindaddr=0.0.0.0
bindport=8088
我还配置了带有DTLS支持的星号。
但当我尝试连接到websocket时,新的websocket(“ws://mySeverIp:8088/ws”)。它抛出了一个错误
WebSocket connection failed: Error during WebSocket handshake: Unexpected response code: 400
任何人都请帮忙
谢谢这里是完整的安装指南。请让我知道这是否解决了您的问题。 星号还提供了一个 安装SRTP:
cd ~
git clone https://github.com/cisco/libsrtp.git
cd libsrtp/
autoconf
./configure CFLAGS=-fPIC --prefix=/usr
make
make runtest
sudo make install
安装PJPROJECT:
cd ~
git clone https://github.com/asterisk/pjproject pjproject
cd pjproject/
./configure --prefix=/usr --enable-shared --disable-sound --disable-resample --disable-video --disable-opencore-amr --with-external-srtp
make
sudo make install
安装UUID开发库(星号12不需要):
安装星号11:
cd ~
wget http://downloads.asterisk.org/pub/telephony/asterisk/asterisk-11-current.tar.gz
tar -xzf asterisk-11-current.tar.gz
为SRTP生成和安装DTLS证书:
cd asterisk*/contrib/scripts
sudo mkdir /etc/asterisk/
sudo mkdir /etc/asterisk/keys/
要生成自签名SSL证书,请使用以下命令:
### Replace 10.x.x.x by the IP adress of your server. 10.x.x.x is intern, use a public IP if your Asterisk will be exposed over Internet.
sudo ./ast_tls_cert -C 10.x.x.x -O "Your Company" -d /etc/asterisk/keys
在此过程中,将要求您选择一个密钥。每次输入相同的键,按[code>Enter]键有效
如果要从证书颁发机构生成SSL证书,请使用以下方法:本例中的证书路径是
/etc/asterisk/keys/asterisk.pem
安装Asterisk(是的,您需要使用PJPROJECT和LIBSRTP编译Asterisk):
检查包pbx\u realtime
,res\u odbc
,res\u http\u websocket
,res\u crypto
和chan\u sip
是否激活。这是在Asterisk中通过WS或WSS使用WebRTC的必备工具
make
sudo make install
sudo make config
## Recommended demo conf files with :
sudo make samples
cd ~
在/etc/asterisk/http.conf
(管理http Apache asterisk Web实例的文件)中激活WebSockets和SecureWebSockets。如果使用Asterisk Realtime(ODBC),则必须在每个对等方中指定文件(表sippeers
中的行dtlscertfile
和dtlsprivatekey
):
确保文件夹的权限正确:(用运行星号服务的用户替换星号库)
在sip.conf中创建WebRTC对等点(复制以创建其他用户):
编辑extensions.conf以允许每个对等方调用:
[default]
exten => 1060,1,Dial(SIP/1060) ; Dialing 1060 will call the SIP client registered to 1060
exten => 1061,1,Dial(SIP/1061) ; Dialing 1061 will call the SIP client registered to 1061
启动星号服务:
sudo service asterisk start
打开所需的端口:
[Ubuntu] :
sudo ufw allow 5060 (or whatever port you have choosen in sip.conf `udpbindaddr=10.x.x.x:5060; tcpbindaddr=10.x.x.x:5060;tlsbindaddr=10.x.x.x:5061`)
sudo ufw allow 5061
sudo ufw allow 8088 (or whatever port you have choosen in http.conf : `bindport=8088`)
sudo ufw allow 8089 (or whatever port you have choosen in http.conf : `tlsbindaddr=10.x.x.x:8089`)
sudo ufw allow 10000:20000/udp (or whatever range you have choosen in rtp.conf : `rtpstart=10000; rtpend=20000`)
[or if you are on Debian] :
sudo iptables -A INPUT -p tcp --dport 5060 -j ACCEPT
sudo iptables -A INPUT -p tcp --dport 5061 -j ACCEPT
sudo iptables -A INPUT -p tcp --dport 8088 -j ACCEPT
sudo iptables -A INPUT -p tcp --dport 8089 -j ACCEPT
sudo iptables -A INPUT -p tcp --match multiport --dports 10000:20000 -j ACCEPT
重新启动(或启动)服务:sudo服务星号重新启动
从另一台机器测试WebSocket:使用sudo apt get Install WSCAT–y安装WSCAT
## If error "connect ECONNREFUSED" it's not OK.
## If Echo service returns your messages, it's OK.
wscat -s echo -c ws://10.x.x.x:8088/ws
## The same command with WSS should work if you've installed WSS.
使用Javascript客户端(如JsSIP、sipML5、WebRTComm等)通过WebSocket测试SIP
使用sudo asterisk-vv-g-dddddd-r
访问SIP控制台以进行调试和跟踪
要对星号12执行相同的操作,只需在Asterisk install中将Asterisk-11替换为Asterisk-12即可
在这里,您可以使用Realtime、WS、WSS(ommitting ODBC conf)找到星号12的完整conf文件。我发布它是因为您可能会发现检查安装中是否缺少某些参数是有用的:
http.conf
;
; Asterisk Builtin mini-HTTP server
;
[general]
enabled=yes;
bindaddr=10.x.x.x;
bindport=8088;
tlsenable=yes ; enable tls - default no.
tlsbindaddr=10.x.x.x:8089 ; address and port to bind to - default is bindaddr and port 8089.
tlscertfile=/etc/asterisk/keys/asterisk.pem ; path to the certificate file (*.pem) only.
tlsprivatekey=/etc/asterisk/keys/asterisk.pem ; path to private key file (*.pem) only.
extensions.conf(专为实时设计!!)
modules.conf(专为实时设计!!!)
extconfig.conf(专为实时设计!!!)
asterisk.conf
[directories](!)
astetcdir => /etc/asterisk
astmoddir => /usr/lib/asterisk/modules
astvarlibdir => /var/lib/asterisk
astdbdir => /var/lib/asterisk
astkeydir => /var/lib/asterisk
astdatadir => /var/lib/asterisk
astagidir => /var/lib/asterisk/agi-bin
astspooldir => /var/spool/asterisk
astrundir => /var/run/asterisk
astlogdir => /var/log/asterisk
astsbindir => /usr/sbin
[options];
verbose = 3;
debug = 3;
highpriority = yes ; Run realtime priority (same as -p at startup).
initcrypto = yes ; Initialize crypto keys (same as -i at startup).
[compat];
pbx_realtime=1.6;
res_agi=1.6;
app_set=1.6;
rtp.conf
;
; RTP Configuration
;
[general];
rtpstart=10000;
rtpend=20000;
icesupport=true;
stunaddr=stun.l.google.com:19302;
sip.conf
;
; SIP Configuration for Asterisk
;
[general]
context=default ; Default context for incoming calls. Defaults to 'default'
allowoverlap=no ; Disable overlap dialing support. (Default is yes)
realm=YourAsteriskREALM ; Realm for digest authentication
; defaults to "asterisk". If you set a system name in
; asterisk.conf, it defaults to that system name
; Realms MUST be globally unique according to RFC 3261
; Set this to your host name or domain name
udpbindaddr=10.x.x.x ; IP address to bind UDP listen socket to (0.0.0.0 binds to all)
; Optionally add a port number, 192.168.1.1:5062 (default is port 5060)
videosupport=yes ; Turn on support for SIP video. You need to turn this
; on in this section to get any video support at all.
; You can turn it off on a per peer basis if the general
; video support is enabled, but you can't enable it for
; one peer only without enabling in the general section.
; If you set videosupport to "always", then RTP ports will
; always be set up for video, even on clients that don't
; support it. This assists callfile-derived calls and
; certain transferred calls to use always use video when
; available. [yes|NO|always]
rtsavepath=yes ; If using dynamic realtime, store the path headers
send_diversion=no ; Default "yes" ; Asterisk normally sends Diversion headers with certain SIP
; invites to relay data about forwarded calls. If this option
; is disabled, Asterisk won't send Diversion headers unless
; they are added manually.
rtpkeepalive=2 ; Send keepalives in the RTP stream to keep NAT open (default is off - zero)(secs)
;--------------------------- SIP DEBUGGING ---------------------------------------------------
sipdebug = yes ; Turn on SIP debugging by default, from
; the moment the channel loads this configuration
icesupport = yes;
;----------------------------------------- REALTIME SUPPORT ------------------------
; For additional information on ARA, the Asterisk Realtime Architecture,
; please read https://wiki.asterisk.org/wiki/display/AST/Realtime+Database+Configuration
;
rtcachefriends=yes ; Cache realtime friends by adding them to the internal list
; just like friends added from the config file only on a
; as-needed basis? (yes|no)
rtsavesysname=yes ; Save systemname in realtime database at registration
; Default= no
rtupdate=yes ; Send registry updates to database using realtime? (yes|no)
; If set to yes, when a SIP UA registers successfully, the ip address,
; the origination port, the registration period, and the username of
; the UA will be set to database via realtime.
; If not present, defaults to 'yes'. Note: realtime peers will
; probably not function across reloads in the way that you expect, if
; you turn this option off.
rtautoclear=yes ; Auto-Expire friends created on the fly on the same schedule
; as if it had just registered? (yes|no|<seconds>)
; If set to yes, when the registration expires, the friend will
; vanish from the configuration until requested again. If set
; to an integer, friends expire within this number of seconds
; instead of the registration interval.
[authentication]
;
; DTLS-SRTP CONFIGURATION
;
dtlsenable = yes ; Enable or disable DTLS-SRTP support
dtlsverify = no ; Verify that provided peer certificate and fingerprint are valid
dtlscertfile=/etc/asterisk/keys/asterisk.pem ; Path to certificate file to present
dtlsprivatekey=/etc/asterisk/keys/asterisk.pem ; Path to private key for certificate file
dtlssetup = actpass ; Whether we are willing to accept connections, connect to the other party, or both.
[basic-options](!) ; a template
dtmfmode=rfc2833
context=from-office
type=friend
[natted-phone](!,basic-options) ; another template inheriting basic-options
directmedia=no
host=dynamic
[public-phone](!,basic-options) ; another template inheriting basic-options
directmedia=yes
[my-codecs](!) ; a template for my preferred codecs
disallow=all
allow=ilbc
allow=g729
allow=gsm
allow=g723
allow=ulaw
[ulaw-phone](!) ; and another one for ulaw-only
disallow=all
allow=ulaw
[1060] ; This will be WebRTC client
type=friend
username=1060 ; The Auth user for SIP.js
host=dynamic ; Allows any host to register
secret=password ; The SIP Password for SIP.js
encryption=yes ; Tell Asterisk to use encryption for this peer
avpf=yes ; Tell Asterisk to use AVPF for this peer
icesupport=yes ; Tell Asterisk to use ICE for this peer
context=default ; Tell Asterisk which context to use when this peer is dialing
directmedia=no ; Asterisk will relay media for this peer
transport=udp,ws ; Asterisk will allow this peer to register on UDP or WebSockets
force_avp=yes ; Force Asterisk to use avp. Introduced in Asterisk 11.11
dtlsenable=yes ; Tell Asterisk to enable DTLS for this peer
dtlsverify=no ; Tell Asterisk to not verify your DTLS certs
dtlscertfile=/etc/asterisk/keys/asterisk.pem ; Tell Asterisk where your DTLS cert file is
dtlsprivatekey=/etc/asterisk/keys/asterisk.pem ; Tell Asterisk where your DTLS private key is
dtlssetup=actpass ; Tell Asterisk to use actpass SDP parameter when setting up DTLS
[1061] ; This will be the legacy SIP client
type=friend
username=1061
host=dynamic
secret=password
context=default
如果使用Realtime,请插入以下通用拨号计划:
INSERT INTO `extensions` ( `context`, `exten`, `priority`, `app`, `appdata` ) VALUES ( 'default', '_X.', 1, 'Dial', 'SIP/${EXTEN}' );
将证书详细信息添加到http.conf。以下几点对我有用
tlsenable=yes
tlsbindaddr=0.0.0.0:8089
tlscertfile=/path-to/cert.pem
tlsprivatekey=/path-to/privkey.pem
请发布完整的http.conf、sip.conf和模块列表(在CLI中:show modules
)。同时激活SIP调试(SIP set debug on
)并在尝试呼叫时监视CLI。把整件事都写在你的问题里。记住编辑您发布的conf内容以隐藏密码/服务器地址。你关注维基帖子了吗?
[general]
[globals]
;
[default]
switch =>Realtime
[modules]
autoload=yes
preload => res_odbc.so
preload => res_config_odbc.so
noload => pbx_gtkconsole.so
load => res_musiconhold.so
noload => chan_alsa.so
noload => chan_console.so
[settings]
sippeers => odbc,YourAsteriskrealtimeDB,sippeers
sipusers => odbc,YourAsteriskrealtimeDB,sippeers
extensions => odbc,YourAsteriskrealtimeDB,extensions
ps_endpoints => odbc,YourAsteriskrealtimeDB,ps_endpoints
ps_auths => odbc,YourAsteriskrealtimeDB,ps_auths
[directories](!)
astetcdir => /etc/asterisk
astmoddir => /usr/lib/asterisk/modules
astvarlibdir => /var/lib/asterisk
astdbdir => /var/lib/asterisk
astkeydir => /var/lib/asterisk
astdatadir => /var/lib/asterisk
astagidir => /var/lib/asterisk/agi-bin
astspooldir => /var/spool/asterisk
astrundir => /var/run/asterisk
astlogdir => /var/log/asterisk
astsbindir => /usr/sbin
[options];
verbose = 3;
debug = 3;
highpriority = yes ; Run realtime priority (same as -p at startup).
initcrypto = yes ; Initialize crypto keys (same as -i at startup).
[compat];
pbx_realtime=1.6;
res_agi=1.6;
app_set=1.6;
;
; RTP Configuration
;
[general];
rtpstart=10000;
rtpend=20000;
icesupport=true;
stunaddr=stun.l.google.com:19302;
;
; SIP Configuration for Asterisk
;
[general]
context=default ; Default context for incoming calls. Defaults to 'default'
allowoverlap=no ; Disable overlap dialing support. (Default is yes)
realm=YourAsteriskREALM ; Realm for digest authentication
; defaults to "asterisk". If you set a system name in
; asterisk.conf, it defaults to that system name
; Realms MUST be globally unique according to RFC 3261
; Set this to your host name or domain name
udpbindaddr=10.x.x.x ; IP address to bind UDP listen socket to (0.0.0.0 binds to all)
; Optionally add a port number, 192.168.1.1:5062 (default is port 5060)
videosupport=yes ; Turn on support for SIP video. You need to turn this
; on in this section to get any video support at all.
; You can turn it off on a per peer basis if the general
; video support is enabled, but you can't enable it for
; one peer only without enabling in the general section.
; If you set videosupport to "always", then RTP ports will
; always be set up for video, even on clients that don't
; support it. This assists callfile-derived calls and
; certain transferred calls to use always use video when
; available. [yes|NO|always]
rtsavepath=yes ; If using dynamic realtime, store the path headers
send_diversion=no ; Default "yes" ; Asterisk normally sends Diversion headers with certain SIP
; invites to relay data about forwarded calls. If this option
; is disabled, Asterisk won't send Diversion headers unless
; they are added manually.
rtpkeepalive=2 ; Send keepalives in the RTP stream to keep NAT open (default is off - zero)(secs)
;--------------------------- SIP DEBUGGING ---------------------------------------------------
sipdebug = yes ; Turn on SIP debugging by default, from
; the moment the channel loads this configuration
icesupport = yes;
;----------------------------------------- REALTIME SUPPORT ------------------------
; For additional information on ARA, the Asterisk Realtime Architecture,
; please read https://wiki.asterisk.org/wiki/display/AST/Realtime+Database+Configuration
;
rtcachefriends=yes ; Cache realtime friends by adding them to the internal list
; just like friends added from the config file only on a
; as-needed basis? (yes|no)
rtsavesysname=yes ; Save systemname in realtime database at registration
; Default= no
rtupdate=yes ; Send registry updates to database using realtime? (yes|no)
; If set to yes, when a SIP UA registers successfully, the ip address,
; the origination port, the registration period, and the username of
; the UA will be set to database via realtime.
; If not present, defaults to 'yes'. Note: realtime peers will
; probably not function across reloads in the way that you expect, if
; you turn this option off.
rtautoclear=yes ; Auto-Expire friends created on the fly on the same schedule
; as if it had just registered? (yes|no|<seconds>)
; If set to yes, when the registration expires, the friend will
; vanish from the configuration until requested again. If set
; to an integer, friends expire within this number of seconds
; instead of the registration interval.
[authentication]
;
; DTLS-SRTP CONFIGURATION
;
dtlsenable = yes ; Enable or disable DTLS-SRTP support
dtlsverify = no ; Verify that provided peer certificate and fingerprint are valid
dtlscertfile=/etc/asterisk/keys/asterisk.pem ; Path to certificate file to present
dtlsprivatekey=/etc/asterisk/keys/asterisk.pem ; Path to private key for certificate file
dtlssetup = actpass ; Whether we are willing to accept connections, connect to the other party, or both.
[basic-options](!) ; a template
dtmfmode=rfc2833
context=from-office
type=friend
[natted-phone](!,basic-options) ; another template inheriting basic-options
directmedia=no
host=dynamic
[public-phone](!,basic-options) ; another template inheriting basic-options
directmedia=yes
[my-codecs](!) ; a template for my preferred codecs
disallow=all
allow=ilbc
allow=g729
allow=gsm
allow=g723
allow=ulaw
[ulaw-phone](!) ; and another one for ulaw-only
disallow=all
allow=ulaw
[1060] ; This will be WebRTC client
type=friend
username=1060 ; The Auth user for SIP.js
host=dynamic ; Allows any host to register
secret=password ; The SIP Password for SIP.js
encryption=yes ; Tell Asterisk to use encryption for this peer
avpf=yes ; Tell Asterisk to use AVPF for this peer
icesupport=yes ; Tell Asterisk to use ICE for this peer
context=default ; Tell Asterisk which context to use when this peer is dialing
directmedia=no ; Asterisk will relay media for this peer
transport=udp,ws ; Asterisk will allow this peer to register on UDP or WebSockets
force_avp=yes ; Force Asterisk to use avp. Introduced in Asterisk 11.11
dtlsenable=yes ; Tell Asterisk to enable DTLS for this peer
dtlsverify=no ; Tell Asterisk to not verify your DTLS certs
dtlscertfile=/etc/asterisk/keys/asterisk.pem ; Tell Asterisk where your DTLS cert file is
dtlsprivatekey=/etc/asterisk/keys/asterisk.pem ; Tell Asterisk where your DTLS private key is
dtlssetup=actpass ; Tell Asterisk to use actpass SDP parameter when setting up DTLS
[1061] ; This will be the legacy SIP client
type=friend
username=1061
host=dynamic
secret=password
context=default
[YourAsteriskrealtimeDB]
enabled => yes
dsn => your-asterisk-BD-connector-name-as-defined-in-file-odbcinst.ini
username => YourMySQLUser
password => YourMySQLPassword
pre-connect => yes
INSERT INTO `extensions` ( `context`, `exten`, `priority`, `app`, `appdata` ) VALUES ( 'default', '_X.', 1, 'Dial', 'SIP/${EXTEN}' );
tlsenable=yes
tlsbindaddr=0.0.0.0:8089
tlscertfile=/path-to/cert.pem
tlsprivatekey=/path-to/privkey.pem