13/4/23, 16:36 Asterisk WebRTC With PJSip From Scratch

(https://vitalpbx.com)

Asterisk WebRTC With PJSip From Scratch

Rodrigo Cuadra(https://vitalpbx.com/author/rcuadra/) June 18, 2021(https://vitalpbx.com/2021/06/18/)

     

1.- Introduction

https://vitalpbx.com/blog/asterisk-webrtc-from-scratch/ 1/25
13/4/23, 16:36 Asterisk WebRTC With PJSip From Scratch

WebRTC (Web Real-Time Communication) is a free, open-source, project providing web browsers and

mobile applications with real-time communications (RTC) via simple application programming interfaces
(https://vitalpbx.com)
(APIs). It allows audio and video communication to work inside web pages by allowing direct peer-to-peer

communication, eliminating the need to install plugins or download native apps. Supported by Apple,

Google, Microsoft, Mozilla, and Opera, WebRTC specifications have been published by the World Wide

Web Consortium (W3C) and the Internet Engineering Task Force (IETF).

This tutorial will walk you through configuring Asterisk to service WebRTC clients.

Modify or create an Asterisk HTTPS TLS server.

Create a PJSIP WebSocket transport.

Create PJSIP Endpoint, AOR and Authentication objects that represent a WebRTC client.

2.- Installation
2.1.- Preparing our server

First, we update our CentOS 7 installation and install some dependencies.

[root@localhost ~]# yum install wget nano git epel-release -y

Disable SELinux on CentOS

[root@localhost ~]# sed -i s/^SELINUX=.*$/SELINUX=disabled/ /etc/selinux/config

[root@localhost ~]# reboot

Next, Install the Firewall

[root@localhost ~]# yum install firewalld -y

[root@localhost ~]# systemctl enable firewalld
[root@localhost ~]# systemctl start firewalld

Enable required ports

https://vitalpbx.com/blog/asterisk-webrtc-from-scratch/ 2/25
13/4/23, 16:36 Asterisk WebRTC With PJSip From Scratch

[root@localhost ~]# firewall-cmd –zone=public –add-port=10000-20000/udp –permanent

[root@localhost ~]# firewall-cmd –zone=public –add-port=10000-20000/tcp –permanent
[root@localhost ~]# firewall-cmd –zone=public –add-port=8089/tcp –permanent
(https://vitalpbx.com)
[root@localhost ~]# firewall-cmd –zone=public –add-port=443/tcp –permanent
[root@localhost ~]# firewall-cmd –zone=public –add-port=80/tcp –permanent
[root@localhost ~]# firewall-cmd –zone=public –add-port=22/tcp –permanent
[root@localhost ~]# firewall-cmd –reload

Now, we enable extra security for ssh access. We change the port by doing the following steps. (Optional)

[root@localhost ~]# nano /etc/ssh/sshd_config

# $OpenBSD: sshd_config,v 1.100 2016/08/15 12:32:04 naddy Exp $

# This is the sshd server system-wide configuration file. See

# sshd_config(5) for more information.

# This sshd was compiled with PATH=/usr/local/bin:/usr/bin

# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented. Uncommented options override the
# default value.

# If you want to change the port on a SELinux system, you have to tell
# SELinux about this change.
# semanage port -a -t ssh_port_t -p tcp #PORTNUMBER
#
Port 2235
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::

Uncomment the line #Port 22 and change the port to one of your preference.

Now add the new rule with the new port and restart the sshd service and log in with the new port.

[root@localhost ~]# firewall-cmd –zone=public –add-port=2235/tcp –permanent

[root@localhost ~]# firewall-cmd –reload
[root@localhost ~]# systemctl restart sshd

https://vitalpbx.com/blog/asterisk-webrtc-from-scratch/ 3/25
13/4/23, 16:36 Asterisk WebRTC With PJSip From Scratch

2.2.- Installing Asterisk 18

Now we start the install process of Asterisk 18

(https://vitalpbx.com)
[root@localhost ~]# cd /usr/src/
[root@localhost src]# wget http://downloads.asterisk.org/pub/telephony/asterisk/asterisk-18-
current.tar.gz
[root@localhost src]# tar -zxvf asterisk-18-current.tar.gz
[root@localhost src]# cd asterisk-18.*
[root@localhost asterisk-18.6.0]# yum install svn -y
[root@localhost asterisk-18.6.0]# ./contrib/scripts/get_mp3_source.sh
[root@localhost asterisk-18.6.0]# contrib/scripts/install_prereq install
[root@localhost asterisk-18.6.0]# ./configure –libdir=/usr/lib64 –with-jansson-bundled –with-
pjproject-bundled

At the end of the Asterisk compilation the following appears

(https://vitalpbx.com/wp-content/uploads/2021/06/VitalPBX_Asterisk_Succefully_Completed-

1024x601.png)

https://vitalpbx.com/blog/asterisk-webrtc-from-scratch/ 4/25
13/4/23, 16:36 Asterisk WebRTC With PJSip From Scratch

Then, we proceed to make menuselect

[root@localhost asterisk-18.6.0]# make menuselect

(https://vitalpbx.com)

We make sure that on the codec “codec_opus” is selected. After selecting everything we need, we

proceed to Save & Exit.

(https://vitalpbx.com/wp-content/uploads/2021/06/VitalPBX_Asterisk_Menu_Select-1024x464.png)

Now we will proceed to install Asterisk, wait about 10 minutes.

[root@localhost asterisk-18.6.0]# make && make install

[root@localhost asterisk-18.6.0]# make samples
[root@localhost asterisk-18.6.0]# make config

Create a separate user and group to run asterisk services, and assign correct permissions:

https://vitalpbx.com/blog/asterisk-webrtc-from-scratch/ 5/25
13/4/23, 16:36 Asterisk WebRTC With PJSip From Scratch

[root@localhost asterisk-18.6.0]# groupadd asterisk

[root@localhost asterisk-18.6.0]# useradd -r -d /var/lib/asterisk -g asterisk asterisk
[root@localhost asterisk-18.6.0]# usermod -aG audio,dialout asterisk
(https://vitalpbx.com)
[root@localhost asterisk-18.6.0]# chown asterisk. -R /etc/asterisk
[root@localhost asterisk-18.6.0]# chown asterisk. -R /var/{lib,log,spool}/asterisk
[root@localhost asterisk-18.4.0]# chown -R asterisk.asterisk /usr/lib64/asterisk

Set Asterisk default user to asterisk:

[root@localhost asterisk-18.6.0]# nano /etc/sysconfig/asterisk

AST_USER=”asterisk”
AST_GROUP=”asterisk”

Restart asterisk service after making the changes:

[root@localhost asterisk-18.6.0]# chkconfig asterisk on

[root@localhost asterisk-18.6.0]# systemctl restart asterisk
[root@localhost asterisk-18.6.0]# asterisk -rvvvvvvvvvvvvvvvvvvv
Asterisk 18.6.0, Copyright (C) 1999 – 2021, Digium, Inc. and others.
Created by Mark Spencer [email protected]
Asterisk comes with ABSOLUTELY NO WARRANTY; type ‘core show warranty’ for details.
This is free software, with components licensed under the GNU General Public
License version 2 and other licenses; you are welcome to redistribute it under
certain conditions. Type ‘core show license’ for details.
=========================================================================
Connected to Asterisk 18.6.0 currently running on localhost (pid = 91658)
localhost*CLI>

CONGRATULATIONS! You have successfully installed Asterisk 18.

2.3.- Installing Apache

Install Apache to enable web access to our servers.

[root@localhost ~]# yum install httpd -y

[root@localhost ~]# systemctl enable httpd
[root@localhost ~]# systemctl start httpd

We create a temporary website with our domain (Our example is: wrtc.new.vitalpbx.org).

https://vitalpbx.com/blog/asterisk-webrtc-from-scratch/ 6/25
13/4/23, 16:36 Asterisk WebRTC With PJSip From Scratch

Throughout this tutorial you should substitute the domain wrtc.new.vitalpbx.org for yours.

[root@localhost ~]# mkdir -p /var/www/html/mydomain.com/{public_html,logs}

(https://vitalpbx.com)
[root@localhost ~]# nano /etc/httpd/conf.d/mydomain.com.conf
NameVirtualHost *:80
<VirtualHost *:80>
ServerAdmin [email protected]
ServerName mydomain.com
ServerAlias mydomain.com

DocumentRoot /var/www/html/mydomain.com/public_html/
ErrorLog /var/www/html/mydomain.com/logs/error.log
CustomLog /var/www/html/mydomain.com/logs/access.log combined
</VirtualHost>

We restart our Apache

[root@localhost ~]# systemctl restart httpd

2.4.- Creating our Certificate

First, we have to ensure that our domain or subdomain points to the IP address of our server, for this we

go to the configuration of our DNS and add a type A record.

Now we will proceed to install our certificate by first installing the dependencies.

[root@localhost ~]# yum install certbot python2-certbot-apache mod_ssl -y

Now we create our LetsEncrypt certificate.

[root@localhost ~]# certbot ––apache -d mydomain.com

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
Enter email address (used for urgent renewal and security notices)
(Enter ‘c’ to cancel):

Provide an email to be notified of the expiration of the certificate.

https://vitalpbx.com/blog/asterisk-webrtc-from-scratch/ 7/25
13/4/23, 16:36 Asterisk WebRTC With PJSip From Scratch

Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org

– – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –
Please read the Terms of Service at
(https://vitalpbx.com)
https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf. You must
agree in order to register with the ACME server. Do you agree?
– – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –
(Y)es/(N)o:

Answer Y to proceed

– – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –
Would you be willing, once your first certificate is successfully issued, to
share your email address with the Electronic Frontier Foundation, a founding
partner of the Let’s Encrypt project and the non-profit organization that
develops Certbot? We’d like to send you email about our work encrypting the web,
EFF news, campaigns, and ways to support digital freedom.
– – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –
(Y)es/(N)o:

Answer Y to proceed

At the end we see the following message confirming that all is correct.

https://vitalpbx.com/blog/asterisk-webrtc-from-scratch/ 8/25
13/4/23, 16:36 Asterisk WebRTC With PJSip From Scratch

Account registered.
Requesting a certificate for mydomain.com
Performing the following challenges:
(https://vitalpbx.com)
http-01 challenge for mydomain.com
Waiting for verification…
Cleaning up challenges
Created an SSL vhost at /etc/httpd/conf.d/mydomain.com-le-ssl.conf
Deploying Certificate to VirtualHost /etc/httpd/conf.d/ mydomain.com-le-ssl.conf
Redirecting vhost in /etc/httpd/conf.d/mydomain.com.conf to ssl vhost in /etc/httpd/conf.d/
mydomain.com-le-ssl.conf

– – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –
Congratulations! You have successfully enabled https://mydomain.com
– – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –
Subscribe to the EFF mailing list (email: [email protected]).
Starting new HTTPS connection (1): supporters.eff.org
We were unable to subscribe you the EFF mailing list because your e-mail address appears to be
invalid. You can try again later by visiting https://act.eff.org.

IMPORTANT NOTES:
– Congratulations! Your certificate and chain have been saved at:
/etc/letsencrypt/live/mydomain.com/fullchain.pem
Your key file has been saved at:
/etc/letsencrypt/live/mydomain.com/privkey.pem
Your certificate will expire on 2021-09-14. To obtain a new or
tweaked version of this certificate in the future, simply run
certbot again with the “certonly” option. To non-interactively
renew *all* of your certificates, run “certbot renew”
– If you like Certbot, please consider supporting our work by:

Donating to ISRG / Let’s Encrypt: https://letsencrypt.org/donate

Donating to EFF: https://eff.org/donate-le

[root@localhost ~]#

We write down the path of both certificates, since we are going to use them later.

We modify the file /etc/httpd/conf.d/ssl.conf

https://vitalpbx.com/blog/asterisk-webrtc-from-scratch/ 9/25
13/4/23, 16:36 Asterisk WebRTC With PJSip From Scratch

[root@localhost ~]# mv /etc/httpd/conf.d/ssl.conf /etc/httpd/conf.d/ssl.conf.bak

[root@localhost ~]# nano /etc/httpd/conf.d/ssl.conf
Listen 443 https
(https://vitalpbx.com)
SSLPassPhraseDialog exec:/usr/libexec/httpd-ssl-pass-dialog
SSLSessionCache shmcb:/run/httpd/sslcache(512000)
SSLSessionCacheTimeout 300
SSLRandomSeed startup file:/dev/urandom 256
SSLRandomSeed connect builtin

[root@localhost ~]# mv /etc/httpd/conf.d/welcome.conf /etc/httpd/conf.d/welcome.conf.bak

[root@localhost ~]# mv /etc/httpd/conf.d/mydomain.com.conf
/etc/httpd/conf.d/mydomain.com.conf.bak

Disable other sites

Reload Apache service

[root@localhost ~]# systemctl reload-or-restart httpd

Set Up Auto-Renewal

Now that certbot is installed and working, we need to have it check for expiring certificates automatically.

As root, we first open the crontab for our server:

[root@localhost ~]# crontab -e

Press Insert

In this instance, I’ve added a cron to our example server that looks like this:

45 3 * * 6 /usr/local/letsencrypt/certbot-auto renew && systemctl reload httpd

Save with Esc, :wq

https://vitalpbx.com/blog/asterisk-webrtc-from-scratch/ 10/25
13/4/23, 16:36 Asterisk WebRTC With PJSip From Scratch

This cron will, at 3:45 AM every Saturday, run the certbot renew function to renew any already-installed

certificates that are due to expire, and then reload the Apache configuration. Save the crontab after you

add this line, and(https://vitalpbx.com)

it will be in effect immediately.

2.5.- Asterisk Configuration

You should have a working chan_pjsip based Asterisk installation. Either install Asterisk from your

distribution’s packages or, preferably, install Asterisk from source. Either way, there are a few modules

over and above the standard ones that must be present for WebSockets and WebRTC to work:

res_crypto

res_http_websocket

res_pjsip_transport_websocket

codec_opus (optional but highly recommended for high quality audio)

We recommend installing Asterisk from source because it’s easy to make sure these modules are built

and installed.

2.5.1.- Certificates

Technically, a client can use WebRTC over an insecure WebSocket to connect to Asterisk. In practice

though, most browsers will require a TLS based WebSocket to be used. You can use self-signed

certificates to set up the Asterisk TLS server but getting browsers to accept them is tricky. So if you’re able,

we highly recommend getting trusted certificates from an organization such as LetsEncrypt.

As the objective of this presentation is not to teach how to install a certificate with LetsEncrypt, we

recommend the following link to do it yourself.

https://www.tecmint.com/install-lets-encrypt-ssl-certificate-to-secure-apache-on-rhel-centos/

(https://www.tecmint.com/install-lets-encrypt-ssl-certificate-to-secure-apache-on-rhel-centos/)

2.5.2.- Configure Asterisk’s built-in HTTP server

To communicate with WebSocket clients, Asterisk uses its built-in HTTP server. So we configure the

following:

https://vitalpbx.com/blog/asterisk-webrtc-from-scratch/ 11/25
13/4/23, 16:36 Asterisk WebRTC With PJSip From Scratch

[root@localhost ~] mv /etc/asterisk/http.conf /etc/asterisk/http.conf.bak

[root@localhost ~] nano /etc/asterisk/http.conf
[general]
(https://vitalpbx.com)
servername=Asterisk
tlsbindaddr=0.0.0.0:8089
bindaddr=0.0.0.0
bindport=8088
enabled=yes
tlsenable=yes
tlscertfile=/etc/letsencrypt/live/mydomian.com/fullchain.pem
tlsprivatekey=/etc/letsencrypt/live/mydomain.com/privkey.pem

2.5.3.- PJSIP WSS Transport

Although the HTTP server does the heavy lifting for WebSockets, we still need to define a basic PJSIP

Transport:

https://vitalpbx.com/blog/asterisk-webrtc-from-scratch/ 12/25
13/4/23, 16:36 Asterisk WebRTC With PJSip From Scratch

[root@localhost ~] mv /etc/asterisk/pjsip.conf /etc/asterisk/pjsip.conf.bak

[root@localhost ~] nano /etc/asterisk/pjsip.conf
[system]
(https://vitalpbx.com)
type=system
timer_t1=500
timer_b=32000
disable_tcp_switch=yes

[global]
type=global
max_initial_qualify_time=0
keep_alive_interval=90
contact_expiration_check_interval=30
default_voicemail_extension=*97
unidentified_request_count=3
unidentified_request_period=5
unidentified_request_prune_interval=30
mwi_tps_queue_high=500
mwi_tps_queue_low=-1
mwi_disable_initial_unsolicited=yes
send_contact_status_on_update_registration=yes

[transport-wss]
type=transport
protocol=wss
bind=0.0.0.0:8089
local_net=10.10.0.9/16
local_net=10.116.0.6/20
external_media_address=178.128.149.185
external_signaling_address=178.128.149.185
allow_reload=yes

Replace local_net, external_media_address and external_signaling_address with their respective IPs.

2.5.4.- PJSIP Endpoint, AOR and Auth

We now need to create the basic PJSIP objects that represent the client. In this example, we’ll call the

client webrtc_client, but you can use any name you like, such as an extension number. Only the minimum

options needed for a working configuration are shown. NOTE: It’s normal for multiple objects in pjsip.conf

to have the same name as long as the types differ. Add the following content to the end of the file.

https://vitalpbx.com/blog/asterisk-webrtc-from-scratch/ 13/25
13/4/23, 16:36 Asterisk WebRTC With PJSip From Scratch

[root@localhost ~] nano /etc/asterisk/pjsip.conf

[webrtc-phones](!)
(https://vitalpbx.com)
context=main-context
transport=transport-wss
allow=!all,opus,ulaw,alaw,vp8,vp9
webrtc=yes

[User1](webrtc-phones)
type=endpoint
callerid=”User One” <100>
auth=User1
aors=User1

[User1]
type=aor
max_contacts=3

[User1]
type=auth
auth_type=userpass
username=User1
password=1234

[User2](webrtc-phones)
type=endpoint
callerid=”User Two” <101>
auth=User2
aors=User2

[User2]
type=aor
max_contacts=3

[User2]
type=auth
auth_type=userpass
username=User2
password=1234

[User3](webrtc-phones)
type=endpoint
callerid=”User Three” <102>
auth=User3

https://vitalpbx.com/blog/asterisk-webrtc-from-scratch/ 14/25
13/4/23, 16:36 Asterisk WebRTC With PJSip From Scratch
aors=User3

[User3]
type=aor (https://vitalpbx.com)
max_contacts=3

[User3]
type=auth
auth_type=userpass
username=User3
password=1234

We change the owner of the file to be asterisk

[root@localhost ~] chown asterisk. /etc/asterisk/pjsip.conf

2.5.5.- Configure extensions.conf

Update the /etc/asterisk/extensions.conf to the following:

https://vitalpbx.com/blog/asterisk-webrtc-from-scratch/ 15/25
13/4/23, 16:36 Asterisk WebRTC With PJSip From Scratch

[root@localhost ~] mv /etc/asterisk/extensions.conf /etc/asterisk/extensions.conf.bak

[root@localhost ~] nano /etc/asterisk/extensions.conf
[general]
(https://vitalpbx.com)
static=yes
writeprotect=yes
priorityjumping=no
autofallthrough=no

[globals]
ATTENDED_TRANSFER_COMPLETE_SOUND=beep

[main-context]
include => from-extensions
include => subscriptions
include => textmessages
include => echo-test
include => speak-exte-nnum

[echo-test]
exten => 777,1,NoOp(FEATURE: ECHO TEST)
same => n,Answer
same => n,Wait(1)
same => n,Playback(demo-echotest)
same => n,Echo()
same => n,Playback(demo-echodone)
same => n,Hangup()
;END of [echo-test]

[speak-exte-nnum]
exten => 888,1,NoOp(FEATURE: SPEAK MY EXTENSION NUMBER)
same => n,Answer
same => n,Wait(1)
same => n,Playback(extension)
same => n,Wait(1)
same => n,SayDigits(${CALLERID(num)})
same => n,Wait(2)
same => n,Hangup()
;END of [speak-exte-nnum]

[textmessages]
exten => 100,1,Gosub(send-text,s,1,(User1))
exten => 101,1,Gosub(send-text,s,1,(User2))
exten => 102,1,Gosub(send-text,s,1,(User3))

https://vitalpbx.com/blog/asterisk-webrtc-from-scratch/ 16/25
13/4/23, 16:36 Asterisk WebRTC With PJSip From Scratch
[subscriptions]
exten => 100,hint,PJSIP/User1
exten => 101,hint,PJSIP/User2
exten => 102,hint,PJSIP/User3
(https://vitalpbx.com)

[from-extensions]
; Feature Codes:
exten => *65,1,Gosub(moh,s,1)
; Extensions
exten => 100,1,Gosub(dial-extension,s,1,(User1))
exten => 101,1,Gosub(dial-extension,s,1,(User2))
exten => 102,1,Gosub(dial-extension,s,1,(User3))

exten => e,1,Hangup()

[moh]
exten => s,1,NoOp(Music On Hold)
exten => s,n,Ringing()
exten => s,n,Wait(2)
exten => s,n,Answer()
exten => s,n,Wait(1)
exten => s,n,MusicOnHold()

[dial-extension]
exten => s,1,NoOp(Calling: ${ARG1})
exten => s,n,Set(JITTERBUFFER(adaptive)=default)
exten => s,n,Dial(PJSIP/${ARG1},30)
exten => s,n,Hangup()

exten => e,1,Hangup()

[send-text]
exten => s,1,NoOp(Sending Text To: ${ARG1})
exten => s,n,Set(PEER=${CUT(CUT(CUT(MESSAGE(from),@,1),<,2),:,2)})
exten => s,n,Set(FROM=${SHELL(asterisk -rx ‘pjsip show endpoint ${PEER}’ | grep ‘callerid ‘ |
cut -d’:’ -f2- | sed ‘s/^ *//’ | tr -d ‘
‘)})
exten => s,n,Set(CALLERID_NUM=${CUT(CUT(FROM,>,1),<,2)})
exten => s,n,Set(FROM_SIP=${STRREPLACE(MESSAGE(from),
exten => s,n,MessageSend(pjsip:${ARG1},${FROM_SIP})
exten => s,n,Hangup()

We change the owner of the file to be asterisk

https://vitalpbx.com/blog/asterisk-webrtc-from-scratch/ 17/25
13/4/23, 16:36 Asterisk WebRTC With PJSip From Scratch

[root@localhost ~] chown asterisk. /etc/asterisk/extensions.conf

(https://vitalpbx.com)
Restart Asterisk to pick up the changes and if you have a firewall, don’t forget to allow TCP port 8089

through so your client can connect.

[root@localhost ~] asterisk -rvvvvvvvvvvvvvvvvvv

localhost*CLI> module reload res_pjsip.so
localhost*CLI> dialplan reload

Verify that the certificate is properly applied

localhost*CLI> module reload http

localhost*CLI> http show status
HTTP Server Status:
Prefix:
Server: Asterisk
Server Enabled and Bound to 0.0.0.0:8088

HTTPS Server Enabled and Bound to 0.0.0.0:8089

Enabled URI’s:
/httpstatus => Asterisk HTTP General Status
/phoneprov/… => Asterisk HTTP Phone Provisioning Tool
/metrics/… => Prometheus Metrics URI
/ari/… => Asterisk RESTful API
/ws => Asterisk HTTP WebSocket

Enabled Redirects:
None.

2.5.6.- Wrap Up

At this point, your WebRTC client should be able to register and make calls. If you’ve used self-signed

certificates however, your browser may not allow the connection and because the attempt is not from a

normal URI supplied by the user, the user might not even be notified that there’s an issue. You may be

able to get the browser to accept the certificate by visiting “https://pbx.example.com:8089/ws” directly.

This will usually result in a warning from the browser and may give you the opportunity to accept the self-

https://vitalpbx.com/blog/asterisk-webrtc-from-scratch/ 18/25
13/4/23, 16:36 Asterisk WebRTC With PJSip From Scratch

signed certificate and/or create an exception. If you generated your certificate from a pre-existing local

Certificate Authority, you could also import that Certificate Authority’s certificate into your trusted store
(https://vitalpbx.com)
but that procedure is beyond the scope of this document.

**Information Source:

https://wiki.asterisk.org/wiki/display/AST/Configuring+Asterisk+for+WebRTC+Clients

3.- WebRTC Client

For this presentation we decided to use Browser Phone that our criteria is one of the best and most

complete open source projects of WebRTC Client.

3.1.- Browser Phone

This web application is designed to work with Asterisk PBX (v13, v16 & v18). Once loaded application will

connect to Asterisk PBX on its web socket, and register an extension. Calls are made between contacts,

and a full call detail is saved. Audio Calls can be recorded. Video Calls can be recorded, and can be saved

with 5 different recording layouts and 3 different quality settings. This application does not use any cloud

systems or services, and is designed to be stand-alone. Additional libraries will be downloaded at run time

(but can also be saved to the web server for a complete off-line solution).

3.2.- Server Requires

Asterisk PBX version 13|16|17|18 (with Websockets and Text Messaging, chan_sip or chan_pjsip).

Copy the project to the previously created folder.

[root@localhost ~] cd /var/www/html/mydomain.com/public_html/
[root@localhost ~] git clone https://github.com/InnovateAsterisk/Browser-Phone.git

Give the permissions

[root@localhost ~] chown -R apache:apache /var/www/html/mydomain.com/public_html/

https://vitalpbx.com/blog/asterisk-webrtc-from-scratch/ 19/25
13/4/23, 16:36 Asterisk WebRTC With PJSip From Scratch

3.3.- Enter the Browser with the following url:

https://mydomain/Browser-Phone/Phone/ (https://mydomain/Browser-Phone/Phone/)
(https://vitalpbx.com)
We enter the following data and we give it Save. Make sure to write all the data including the /ws value in

WebSocket Path.

(https://vitalpbx.com/wp-

content/uploads/2021/06/VitalPBX_Asterisk_WebRTC_Browser_Phone_Account.png)

After pressing Save, your registered account should appear at the top left.

Below we show an image of how extension 100 registered with a call in progress should look like.

https://vitalpbx.com/blog/asterisk-webrtc-from-scratch/ 20/25
13/4/23, 16:36 Asterisk WebRTC With PJSip From Scratch

(https://vitalpbx.com)

(https://vitalpbx.com/wp-content/uploads/2021/06/VitalPBX_Asterisk_WebRTC_Browse_Phone_Gui-

1024x573.png)

Our Latest Post

NEWS HOW-TO

https://vitalpbx.com/blog/asterisk-webrtc-from-scratch/ 21/25
13/4/23, 16:36 Asterisk WebRTC With PJSip From Scratch

A new PBX Award. VitalPBX Receives Interconnecting DIDWW SIP Trunking

2023 INTERNET TELEPHONY Product of with VitalPBX 4. Step-by-Step Guide.
the Year (https://vitalpbx.com/blog/didww-
(https://vitalpbx.com/blog/pbx-award-
(https://vitalpbx.com) interconnecting-sip-trunk/)
vitalpbx-tmc-2023/)
DIDWW is a leading provider of global communications
A new PBX award for VitalPBX. TMC, a global, integrated solutions, offering high-quality SIP trunking services to
media company, announced today that has named VitalPBX businesses of all sizes. With local and toll-free phone
as a recipient of a 2023 INTERNET numbers

READ MORE » (HTTPS://VITALPBX.COM/BLOG/PBX-AWARD-VITALPBX- READ MORE » (HTTPS://VITALPBX.COM/BLOG/DIDWW-

TMC-2023/) INTERCONNECTING-SIP-TRUNK/)

HOW-TO

Interconnecting IXICA SIP Trunking

with VitalPBX 4. An easy step-by-step
guide (https://vitalpbx.com/blog/ixica/)

IXICA is Canada’s premier SIP trunking and hosted PBX

provider, providing access to the most sip channels and
network coverage. If you’re looking for ways

READ MORE » (HTTPS://VITALPBX.COM/BLOG/IXICA/)

March 22, 2023 • No Comments

https://vitalpbx.com/blog/asterisk-webrtc-from-scratch/ 22/25
13/4/23, 16:36 Asterisk WebRTC With PJSip From Scratch

(https://vitalpbx.com)

https://vitalpbx.com/blog/asterisk-webrtc-from-scratch/ 23/25
13/4/23, 16:36 Asterisk WebRTC With PJSip From Scratch

(https://vitalpbx.com)

Contact Info
2292 NW 82nd Ave HB 002998 Miami, Florida 33198.

Phone: +1(305) 560-5776

Email: [email protected] (mailto:[email protected])

VitalPBX provides a robust and scalable platform, which will allow you to
manage your PBX in an easy and intuitive way.

Add-ons Support
 Multi Tenant PBX System(https://vitalpbx.com/multi-tenant-pbx/) Professional Support (https://vitalpbx.com/product/professional-

Packages support-packages/)
 Rebranding Module(https://vitalpbx.com/rebranding-module/)
 Forum(https://forums.vitalpbx.org/)
 Sonata Recording(https://vitalpbx.com/sonata-recordings/)
 F.A.Q's(https://forums.vitalpbx.org/c/faq/14)
 Sonata Switchboard(https://vitalpbx.com/sonata-switchboard/)

 Sonata Stats(https://vitalpbx.com/sonata-stats/)
 Manuals(https://wiki.vitalpbx.com/) (h
tt
VitalPBX Changes (https://vitalpbx.com/vitalpbx-phone-system-change-
p
VitXi WebRTC - (https://vitalpbx.com/vitxi-webrtc-softphone-client-  (h
 Log log/) s: (
Softphone for-vitalpbx/) tt (h
// t
p tt
Contact (https://vitalpbx.com/unified-communications-system-contact-
w
 s: p
Us us/) (h w ( s
// tt w. s: m /
w //
p li (h ai w
w w
s: n tt lt w
w. w
// k p o: w
fa w.
t e s: sa i
c y
w di // le s
e o
itt n. t. s
b er c ut m @ g
Copyright @ 2023 VitalPBX, All rights reserved. o .c o u e vi 
o b
o m /v ta m
k. e.
m /c it lp .
c c
/v o al b o
o o
it m p x. m
m m
al p b c /
/v p a /v x) o
it it
b n m a
al al
x) y/ )
p p
vi
b b
ta x
x/ x)
lp
)
b
x/
https://vitalpbx.com/blog/asterisk-webrtc-from-scratch/ 24/25
13/4/23, 16:36 Asterisk WebRTC With PJSip From Scratch
x/
)

https://vitalpbx.com/blog/asterisk-webrtc-from-scratch/ 25/25