But I want to be able to use it outside my LAN , so I used Sophos UTM (which use SQUID as Reverse proxy) to access VitXi.
I added a NAT rule for 8089 port.
Wildcard SSL certificate only recently got support in Asterisk, I’m not sure if VitalPBX is already running the version that supports it. (I can check later what version has support. The reason why it wasn’t in Asterisk, is because wildcard SSL certs in SIP are against the RFC rules. But hey, everyone is doing it anyway, so they decided to add it)
We are also using WebRTC behind a NGINX proxy and experience the same issue.
In the past, it was working fine, but around 6 months ago there was some update to VitXi and since then we started having issues. @maynor kept on saying that the new update requires the server hostname and the domain name to match, which is super annoying as we have multi tenancy with a unique domain for each tenant… As well as the hostname and domain matching isn’t a WebRTC standard requirement.
I also think that because the browser SSL and Asterisk SSL are not the same, that’s probably what’s causing it. Meaning, Asterisk uses the SSL configured on the PBX and the WebRTC client uses your proxy’s SSL.
I think that if VitalPBX offers multi tenancy, they MUST support using different WebRTC domains as well as wildcard SSLs. Additionally, it would be nice if they test it behind a popular proxies such as NGINX, Caddy, HAProxy etc. Since proxies are today everywhere for security reasons.
We can make this available on VitalPBX 4. Even though, this only applies to TLS and not to WSS, which is the protocol that uses the WebRTC applications.
We have tried copying the SSL from the NGINX reverse proxy to the PBX, but we still get the error. However, we did not restart Asterisk after setting the SSL on the PBX.
Let me know if you need any additional information or if you want me to test something
For me , All works fine (except VitalPBX Mobile , I opened a case about it on helpdesk).
I use same Wildcard on VitalPBX and Sophos UTM (to protect access to it).
VitalPBX WebRTC works fine.
I didn’t tested with real phone (Yealink or anything else, I don’t need it now).