WebRTC behind firewall (SQUID Reverse Proxy / Sophos UTM Help)

Hi,

Thanks for your help.
I will try this evening.

Regards

Two things to note here.

  1. Wildcard SSL certificates only recently got support in Asterisk; I’m not sure if VitalPBX is already running the version that supports it. (I can check later what version has support. The reason why it wasn’t in Asterisk is because wildcard SSL certs in SIP are against the RFC rules. But hey, everyone is doing it anyway, so they decided to add it.)
  2. We are also using WebRTC behind an NGINX proxy and experience the same issue.
    In the past, it was working fine, but around 6 months ago there was some update to VitXi and since then we started having issues. @maynor kept on saying that the new update requires the server hostname and the domain name to match, which is super annoying as we have multi tenancy with a unique domain for each tenant… Also, the hostname and domain matching isn’t a WebRTC standard requirement.

I also think that because the browser SSL and Asterisk SSL are not the same, that’s probably what’s causing it. Meaning, Asterisk uses the SSL configured on the PBX and the WebRTC client uses your proxy’s SSL.

I think that if VitalPBX offers multi tenancy, they MUST support using different WebRTC domains as well as wildcard SSLs. Additionally, it would be nice if they tested it behind popular proxies such as NGINX, Caddy, HAProxy, etc., since proxies are everywhere today for security reasons.

2 Likes

We can make this available on VitalPBX 4. However, this only applies to TLS and not to WSS, which is the protocol that WebRTC applications use.

1 Like

So why aren’t wildcard SSLs allowed with WebRTC then?

2 Likes

Hello Sir,

We are going to perform tests on our development servers. Any news about this will be posted in this topic.

Regards,

1 Like

Hi @maynor,

We have tried copying the SSL from the NGINX reverse proxy to the PBX, but we still get the error. However, we did not restart Asterisk after setting the SSL on the PBX.

Let me know if you need any additional information or if you want me to test something.

Thank you

1 Like

Hi PitzKey,

For me, all works fine (except VitalPBX Mobile; I opened a case about it on helpdesk).
I use the same wildcard on VitalPBX and Sophos UTM (to protect access to it).

VitalPBX WebRTC works fine.

I didn’t test with a real phone (Yealink or anything else, I don’t need it now).

Regards

Did you do ALL this?

Allow the IP on your UTM as well!

I can register an extension on VitalPBX Mobile.
(I use the latest version of VitalPBX server: 3.2.3-5)

  • Outside Network (on 4G/5G Mobile Network for example)
    RTP doesn’t work on iPhone.
    So no sound/voice.

  • Inside Network (on same LAN)
    RTP works without any issues.

I can make or receive call … but without sound.

Regards

1 Like

Hello Sir,

Can you access https://server-address:8089/ws ?

Could you please send a screenshot (without showing sensitive data) of your Nginx proxy configuration?

Regards,

Does the VitXi WebRTC not have audio either?

You can check that the “Ice Support” option is enabled. This option can be found in the “RTP Settings” module.

Regards,

ICE Hosts
Add the advertised address and the local address.

This got solved during a remote support session!!

1 Like

Please can you share the solution for learning purposes :pray:

What fixed it? Thanks

Hi @maynor,

Yes:
image

See pastebin link: https://pastebin.com/6BsPsiVu or the raw version: https://pastebin.com/raw/6BsPsiVu

Let me know if you need any further information

Thank you

1 Like

Hi Sir!

I see that you can access port 8089, which means that the pjsip websocket is working fine. The issue you have in VitXi is that you have no audio?

If so, you can verify in the “RTP Settings” module that Ice Support is enabled and Strict RTP is disabled.

I look forward to your comments,

Regards,

Hi @maynor

Audio is working fine.

We are getting a red pop-up every few minutes with the message:

image

And calls randomly get disconnected.

Hello. Friendly follow up…

1 Like

Hello sir.

We would like to review the problem in detail. Could you please send us your AnyDesk ID to maynor@vitalpbx.com?

Regards!,