fragen stichworte

SIP.js Verbindung zu Asterisk 11.20 über WSS funktioniert nicht

Ich habe erfolgreich sip.js mit einem standard nicht sicheren ws://auf einem asterisk 11 Server mit Firefox 43 eingerichtet. Ich kann Anrufe zu einem anderen ff Browser/Hardphone machen und empfangen. Aber das funktioniert nicht mit der neuesten Chrom, Chrom 47. Ich konnte kein Audio bekommen (Chrome fragte nicht, welche Audio ich gerne verwenden würde. Es war immer bei "Erwerb von lokalen Medien" stecken)

sip-0.7.2.min.js:36 Sat Jan 16 2016 15:02:05 GMT-0500 (EST) | sip.invitecontext.mediahandler | acquiring local media

Aus dem, was ich gerade über Chrome 47, https://developers.google.com/web/updates/2015/10/chrome-47-webrtc?hl=de

lese

Ab Chrome 47 sind getUserMedia () -Anfragen nur von sicheren Quellen möglich: HTTPS oder localhost.

Also versuche ich, asterisk und sipjs so zu konfigurieren, dass sie sichere websockets (wss) verwenden und Probleme mit der wss-Verbindung haben. Chrome-Konsolenausgabe unten:

sip-0.7.2.min.js:36 Sat Jan 16 2016 14:17:01 GMT-0500 (EST) | sip.ua | configuration parameters after validation:
2016-01-16 14:17:01.816 sip-0.7.2.min.js:36 Sat Jan 16 2016 14:17:01 GMT-0500 (EST) | sip.ua | · viaHost: "192.0.2.190"
2016-01-16 14:17:01.817 sip-0.7.2.min.js:36 Sat Jan 16 2016 14:17:01 GMT-0500 (EST) | sip.ua | · uri: sip:1001@192.168.10.145
2016-01-16 14:17:01.819 sip-0.7.2.min.js:36 Sat Jan 16 2016 14:17:01 GMT-0500 (EST) | sip.ua | · wsServers: [{"ws_uri":"wss://192.168.10.145:8089/asterisk/ws","sip_uri":"<sip:192.168.10.145:8089;transport=ws;lr>","weight":0,"status":0,"scheme":"WSS"}]
2016-01-16 14:17:01.821 sip-0.7.2.min.js:36 Sat Jan 16 2016 14:17:01 GMT-0500 (EST) | sip.ua | · password: NOT SHOWN
2016-01-16 14:17:01.822 sip-0.7.2.min.js:36 Sat Jan 16 2016 14:17:01 GMT-0500 (EST) | sip.ua | · registerExpires: 600
2016-01-16 14:17:01.822 sip-0.7.2.min.js:36 Sat Jan 16 2016 14:17:01 GMT-0500 (EST) | sip.ua | · register: true
2016-01-16 14:17:01.823 sip-0.7.2.min.js:36 Sat Jan 16 2016 14:17:01 GMT-0500 (EST) | sip.ua | · registrarServer: sip:192.168.10.145
2016-01-16 14:17:01.823 sip-0.7.2.min.js:36 Sat Jan 16 2016 14:17:01 GMT-0500 (EST) | sip.ua | · wsServerMaxReconnection: 3
2016-01-16 14:17:01.823 sip-0.7.2.min.js:36 Sat Jan 16 2016 14:17:01 GMT-0500 (EST) | sip.ua | · wsServerReconnectionTimeout: 4
2016-01-16 14:17:01.823 sip-0.7.2.min.js:36 Sat Jan 16 2016 14:17:01 GMT-0500 (EST) | sip.ua | · connectionRecoveryMinInterval: 2
2016-01-16 14:17:01.824 sip-0.7.2.min.js:36 Sat Jan 16 2016 14:17:01 GMT-0500 (EST) | sip.ua | · connectionRecoveryMaxInterval: 30
2016-01-16 14:17:01.824 sip-0.7.2.min.js:36 Sat Jan 16 2016 14:17:01 GMT-0500 (EST) | sip.ua | · keepAliveInterval: 0
2016-01-16 14:17:01.824 sip-0.7.2.min.js:36 Sat Jan 16 2016 14:17:01 GMT-0500 (EST) | sip.ua | · extraSupported: []
2016-01-16 14:17:01.824 sip-0.7.2.min.js:36 Sat Jan 16 2016 14:17:01 GMT-0500 (EST) | sip.ua | · usePreloadedRoute: false
2016-01-16 14:17:01.825 sip-0.7.2.min.js:36 Sat Jan 16 2016 14:17:01 GMT-0500 (EST) | sip.ua | · userAgentString: "SIP.js/0.7.2"
2016-01-16 14:17:01.825 sip-0.7.2.min.js:36 Sat Jan 16 2016 14:17:01 GMT-0500 (EST) | sip.ua | · iceCheckingTimeout: 5000
2016-01-16 14:17:01.825 sip-0.7.2.min.js:36 Sat Jan 16 2016 14:17:01 GMT-0500 (EST) | sip.ua | · noAnswerTimeout: 30000
2016-01-16 14:17:01.826 sip-0.7.2.min.js:36 Sat Jan 16 2016 14:17:01 GMT-0500 (EST) | sip.ua | · stunServers: ["stun:stun.l.google.com:19302"]
2016-01-16 14:17:01.826 sip-0.7.2.min.js:36 Sat Jan 16 2016 14:17:01 GMT-0500 (EST) | sip.ua | · turnServers: []
2016-01-16 14:17:01.826 sip-0.7.2.min.js:36 Sat Jan 16 2016 14:17:01 GMT-0500 (EST) | sip.ua | · traceSip: true
2016-01-16 14:17:01.826 sip-0.7.2.min.js:36 Sat Jan 16 2016 14:17:01 GMT-0500 (EST) | sip.ua | · hackViaTcp: false
2016-01-16 14:17:01.827 sip-0.7.2.min.js:36 Sat Jan 16 2016 14:17:01 GMT-0500 (EST) | sip.ua | · hackIpInContact: true
2016-01-16 14:17:01.827 sip-0.7.2.min.js:36 Sat Jan 16 2016 14:17:01 GMT-0500 (EST) | sip.ua | · hackWssInTransport: true
2016-01-16 14:17:01.827 sip-0.7.2.min.js:36 Sat Jan 16 2016 14:17:01 GMT-0500 (EST) | sip.ua | · hackAllowUnregisteredOptionTags: false
2016-01-16 14:17:01.828 sip-0.7.2.min.js:36 Sat Jan 16 2016 14:17:01 GMT-0500 (EST) | sip.ua | · contactTransport: "wss"
2016-01-16 14:17:01.828 sip-0.7.2.min.js:36 Sat Jan 16 2016 14:17:01 GMT-0500 (EST) | sip.ua | · forceRport: false
2016-01-16 14:17:01.829 sip-0.7.2.min.js:36 Sat Jan 16 2016 14:17:01 GMT-0500 (EST) | sip.ua | · autostart: true
2016-01-16 14:17:01.829 sip-0.7.2.min.js:36 Sat Jan 16 2016 14:17:01 GMT-0500 (EST) | sip.ua | · rel100: "none"
2016-01-16 14:17:01.830 sip-0.7.2.min.js:36 Sat Jan 16 2016 14:17:01 GMT-0500 (EST) | sip.ua | · replaces: "none"
2016-01-16 14:17:01.830 sip-0.7.2.min.js:36 Sat Jan 16 2016 14:17:01 GMT-0500 (EST) | sip.ua | · mediaHandlerFactory: function (a,c){return new b(a,c)}
2016-01-16 14:17:01.831 sip-0.7.2.min.js:36 Sat Jan 16 2016 14:17:01 GMT-0500 (EST) | sip.ua | · authenticationFactory: undefined
2016-01-16 14:17:01.831 sip-0.7.2.min.js:36 Sat Jan 16 2016 14:17:01 GMT-0500 (EST) | sip.ua | · authorizationUser: "1001"
2016-01-16 14:17:01.831 sip-0.7.2.min.js:36 Sat Jan 16 2016 14:17:01 GMT-0500 (EST) | sip.ua | · displayName: "bobby laptop"
2016-01-16 14:17:01.832 sip-0.7.2.min.js:36 Sat Jan 16 2016 14:17:01 GMT-0500 (EST) | sip.ua | · instanceId: "4143f767-8b09-4e4f-b39e-dbe70a72605b"
2016-01-16 14:17:01.832 sip-0.7.2.min.js:36 Sat Jan 16 2016 14:17:01 GMT-0500 (EST) | sip.ua | · sipjsId: "e64e9"
2016-01-16 14:17:01.832 sip-0.7.2.min.js:36 Sat Jan 16 2016 14:17:01 GMT-0500 (EST) | sip.ua | · hostportParams: "192.168.10.145"
2016-01-16 14:17:01.833 sip-0.7.2.min.js:36 Sat Jan 16 2016 14:17:01 GMT-0500 (EST) | sip.ua | · media: undefined
2016-01-16 14:17:01.865 sip-0.7.2.min.js:36 Sat Jan 16 2016 14:17:01 GMT-0500 (EST) | sip.ua | user requested startup...
2016-01-16 14:17:01.866 sip-0.7.2.min.js:36 Sat Jan 16 2016 14:17:01 GMT-0500 (EST) | sip.transport | connecting to WebSocket wss://192.168.10.145:8089/asterisk/ws
2016-01-16 14:17:03.693 sip-0.7.2.min.js:39 WebSocket connection to 'wss://192.168.10.145:8089/asterisk/ws' failed: WebSocket opening handshake was canceled
2016-01-16 14:17:03.701 sip-0.7.2.min.js:36 Sat Jan 16 2016 14:17:03 GMT-0500 (EST) | sip.transport | WebSocket connection error: {"isTrusted":true}
2016-01-16 14:17:03.704 sip-0.7.2.min.js:36 Sat Jan 16 2016 14:17:03 GMT-0500 (EST) | sip.transport | WebSocket disconnected (code: 1006)
2016-01-16 14:17:03.705 sip-0.7.2.min.js:36 Sat Jan 16 2016 14:17:03 GMT-0500 (EST) | sip.transport | WebSocket abrupt disconnection
2016-01-16 14:17:03.705 sip-0.7.2.min.js:36 Sat Jan 16 2016 14:17:03 GMT-0500 (EST) | sip.ua | transport wss://192.168.10.145:8089/asterisk/ws failed | connection state set to 2
2016-01-16 14:17:03.706 sip-0.7.2.min.js:36 Sat Jan 16 2016 14:17:03 GMT-0500 (EST) | sip.ua | next connection attempt in 2 seconds

von der Stern-CLI kann ich sehen, dass https aktiviert ist.

stations-desktop*CLI> http show status 
HTTP Server Status:
Prefix:/asterisk
Server Enabled and Bound to 0.0.0.0:8088

HTTPS Server Enabled and Bound to 0.0.0.0:8089

Enabled URI's:/asterisk/httpstatus => Asterisk HTTP General Status/asterisk/phoneprov/... => Asterisk HTTP Phone Provisioning Tool/asterisk/static/... => Asterisk HTTP Static Delivery/asterisk/ws => Asterisk HTTP WebSocket

Enabled Redirects:
None.

http.conf

[general]
enabled=yes
bindaddr=0.0.0.0
bindport=8088
prefix=asterisk
enablestatic=yes
tlsenable=yes
tlsbindaddr=0.0.0.0:8089
tlscertfile=/etc/asterisk/keys/asterisk.pem
tlsprivatekey=/etc/asterisk/keys/asterisk.pem

sip.conf

[general]
context=public
allowoverlap=no
udpbindaddr=0.0.0.0
tcpenable=no
tcpbindaddr=0.0.0.0
transport=udp,ws,wss
srvlookup=yes
qualify=yes

tlsenable=yes
tlsbindaddr=0.0.0.0
tlscertfile=/etc/asterisk/keys/asterisk.pem
tlscafile=/etc/asterisk/keys/ca.crt
tlscipher=ALL
tlsclientmethod=tlsv1

[authentication]
[basic-options](!)                ; a template
    dtmfmode=rfc2833
    context=from-office
    type=friend

[webrtc](!)
    type=friend
    host=dynamic
    encryption=yes
    avpf=yes
    icesupport=yes
    context=default
    directmedia=no
    transport=ws,wss
    force_avp=yes
    dtlsenable=yes
    dtlsverify=no
    dtlscertfile=/etc/asterisk/keys/asterisk.pem
    dtlsprivatekey=/etc/asterisk/keys/asterisk.key
    dtlssetup=actpass

[1001](webrtc)
    secret=REDACTED

[1002](webrtc)
    secret=REDACTED

extensions.conf

[general]
exten => 1002,1,Dial(SIP/1002)
exten => 1003,1,Dial(SIP/1003)
exten => 2000,1,Answer()
same => n,Playback(demo-congrats)
same => n,Hangup()

rtp.conf

[general]
rtpstart=10000
rtpend=20000
icesupport=true
stunaddr=stun.l.google.com:19302

jede Hilfe ist willkommen!

antworten

Ich habe selbstsignierte Zertifikate verwendet. Selbstsignierte Zertifikate gelten nicht als vertrauenswürdig. Das Umschalten auf gültige SSL-Zertifikate hat den Zweck erfüllt. Chrome 47 und höher erfordern dies.