Bringing Telecommunications In-House - Part 3:

The third part in the series bringing my telecommunications in-house. This article will cover getting Asterisk 13 LTS working with WebRTC.


WebRTC is a HTML5 thing that lets you talk over the Internet. Well, that is how I'd put it. Wikipedia says:

WebRTC (Web Real-Time Communication) is an API definition drafted by the World Wide Web Consortium (W3C) that supports browser-to-browser applications for voice calling, video chat, and P2P file sharing without the need of either internal or external plugins.

Wikipedia, WebRTC

For my purposes I am only interested in the voice calling part of WebRTC, as I very seldom use video chat. Even if I had a higher bandwidth connection I probably wouldn't use video chat.

Anyway, as with the rest of this series, I am doing things in a disjointed manner. This article was supposed to be about SIP2SIM or Digium D70. Alas, I wanted to get this working now.

So, for the purpose of keeping everyone discombobulated, I will be referencing WebRTC tutorial using SIPML5 from the Asterisk Wiki. You've guessed it: we're installing Asterisk again!

(Re-)configuring and (Re-)installing Asterisk

sudo apt-get install build-essential libncurses5-dev libxml2-dev libsqlite3-dev libssl-dev libsrtp0-dev uuid-dev

What's that? We've already got all them? OK...

cd /opt/asterisk/asterisk-svn/asterisk-13-svn/
cd contrib/scripts
sudo ./install_prereq install
sudo ./install_prereq install-unpackaged
cd ../../
./configure && make menuselect
  • Channel Drivers
    • --- Extended ---
    • [*] chan_sip
  • Resource Modules
    • [*] res_crypto
    • --- Extended ---
    • [*] res_http_websocket

Backup sip.conf and extensions.conf!

cd /etc/asterisk/
sudo mv sip.conf sip.conf.20141201
sudo mv extensions.conf extensions.conf.20141201
cd /opt/asterisk/asterisk-svn/asterisk-13-svn/

Compile and Install New Install of Asterisk 13 LTS

Note: I haven't backed up rtp.conf or indications.conf because those changes were minimal. sudo make samples will overwrite all configuration files that have changed from the defaults.

make -j 2 && sudo make install -j 2 && sudo make samples

At this point Asterisk should be (re-)installed (again).

cd /etc/asterisk/
sudo mv extensions.conf.20141201 extensions.conf
sudo mv sip.conf.20141201 sip.conf
sudo nano rtp.conf
sudo nano indications.conf
sudo service asterisk stop
sudo service asterisk start

At this point everything should be functioning as it was previously. But to test anyway, sudo asterisk -rvvv and then try dialling extensions 6002 from 6001, and then try dialling 0800500005 from extension 6001.

As everything seems to be functioning correctly, time to move on to setting up WebRTC. exit from asterisk CLI.

Configuring Asterisk for WebRTC

The one obvious issue I can see is going to occur already is that Asterisk does not deal with chained certificates when doing SIP transport over TLS - the intermediate certificate for is not given to SIP clients by Asterisk.

If this is an issue, I will just try to proxy through nginx, like I have done for lighttpd.

sudo nano http.conf
enabled = yes
bindaddr =
bindport = 8088
sudo nano rtp.conf
icesupport = true
stunaddr =
sudo mkdir keys
sudo chown asterisk:asterisk keys/
cd /opt/asterisk/asterisk-svn/asterisk-13-svn/
cd contrib/scripts
sudo ./ast_tls_cert -C -O "John Cook" -d /etc/asterisk/keys
cd /etc/asterisk
sudo chown -R asterisk:asterisk keys/
sudo nano sip.conf

host = dynamic
secret = 12345
context = from-internal
type = friend
encryption = yes
transport = ws,wss
avpf = yes
force_avp = yes
icesupport = yes
directmedia = no
disallow = all
allow = ulaw
dtlsenable = yes
dtlsverify = fingerprint
dtlscertfile = /etc/asterisk/keys/asterisk.pem
dtlskeyfile = /etc/asterisk/keys/ca.crt
dtlssettup = actpass
sudo nano extensions.conf
exten => 6000,1,Answer()
same => n,Playback(demo-congrats)
same => n,Hangup()
sudo service asterisk restart

Testing Setup

Visit in Chrome (not Firefox unless the Nightly Build version), and click the Live Demo button.

Open up port 8088 in the firewall (iptables).

Settings for SIPML5

Display Name
John Cook
Private Identity
Public Identity

Expert mode? Settings for SIPML5

Disable Video
WebSocket Server URL
ICE Servers
[{url: ''}]

Call Control

Enter phone number to call

Experience No Audio

Alas, try as I might, I can not get audio to work. I switched the context to 'internal' and tried calling 6001, and although it dialled and the call was established, Groundwire had trouble with the codecs being used. I added Opus to the codecs supported for Wi-Fi, but still no audio in either direction.

For now I've just commented out extension 6050, reloaded chan_sip, and I'll try again another time. Meh.