Skip to main content

How to – Setup Up Secure WebRTC Communication for Vicidial with LetsEncrypt

In this tutorial, we will guide you through the process of securing your Vicidial server and ViciPhone with SSL certificates from LetsEncrypt. Ensuring a secure connection is crucial, especially when dealing with sensitive information in a call center environment. Follow these step-by-step instructions to implement secure communication using WebRTC.

Step 1: Install LetsEncrypt

Run the following command to install LetsEncrypt on your server:


zypper install certbot python3-certbot-apache

Step 2: Create SSL Certificate

Generate SSL certificates for your Vicidial server and ViciPhone using the following command:


certbot certonly --webroot -w /path/of/webroot -d demo.example.com

Step 3: Configure Apache for SSL

Edit the Vicibox vhost file to include the SSL certificate information:


nano /etc/apache2/vhost.d/1111-default-ssl.conf

Update the SSLCertificateFile and SSLCertificateKeyFile paths with your certificate details.

Step 4: Redirect HTTP to HTTPS

Edit the specified file to add a redirect from HTTP to HTTPS:


nano /etc/apache2/vhost.d/1111.default.conf

Add the following line after DocumentRoot:


Redirect permanent / https://yourserverip/

Save the file and restart Apache:


systemctl restart apache2

Step 5: Install SSL Certificate in Asterisk

Update the Asterisk configuration file with SSL certificate information:


cd /etc/asterisk/
nano http.conf

Add the following details:


[general]
enabled=yes
bindaddr=0.0.0.0
bindport=8088
enablestatic=yes
tlsenable=yes
tlsbindaddr=0.0.0.0:8089
tlscertfile=/etc/letsencrypt/live/domain_name/cert.pem
tlsprivatekey=/etc/letsencrypt/live/domain_name/privkey.pem

Restart Apache and Asterisk:

service apache restart
service asterisk restart

Verify HTTPS status in Asterisk:


asterisk -rx 'http show status'

Step 6: Download and Install ViciPhone

SSH to your Vicibox and run the following commands:


cd /var/tmp
git clone https://github.com/vicimikec/ViciPhone.git
cd Viciphone
cp -r src /srv/www/htdocs/agc/viciphone
chmod -R 755 /srv/www/htdocs/agc/viciphone

Step 7: Vicidial Configuration

Ensure the Vicidial admin interface is accessible via HTTPS. Update the Wephone URL in System settings:


https://192.168.0.201/vicidial/admin.php

Step 8: Configure External Server IP in Vicidial

Navigate to ADMIN -> Servers and configure the External Server IP and Web Socket URL:


Web Socket URL: wss://192.168.0.201:8089/ws

Step 9: Configure Vicidial Websocket Template

Go to Admin -> Templates and create a new template named "Web_phone". Paste the specified entries, adjusting the cert path:


type=friend 
host=dynamic 
context=default 
trustrpid=yes 
sendrpid=no 
qualify=yes 
qualifyfreq=600 
transport=ws,wss,udp
encryption=yes
avpf=yes
icesupport=yes
rtcp_mux=yes
directmedia=no
disallow=all
allow=ulaw,opus,vp8,h264
nat=yes
dtlsenable=yes
dtlsverify=no
dtlscertfile=/etc/letsencrypt/live/domain_name/cert.pem
dtlsprivatekey=/etc/letsencrypt/live/domain_name/privkey.pem
dtlssetup=actpass

Step 10: Create Phone as Webphone

Go to Admin -> Phones -> Add A New Phone and edit the settings as follows:

  1. Set As Webphone: Y
  2. Webphone Auto-Answer: Y
  3. Use External Server IP: N (if using external IP, set to Y)
  4. Template: Select the template created in Step 9 above

By following these steps, you've successfully secured your Vicidial server and ViciPhone with LetsEncrypt SSL certificates, ensuring a safe and encrypted communication environment.

Comments

Post a Comment

Popular posts from this blog

Vicidial Scratch installation Debian 11 with Asterisk 16, WebRTC and Dynamic Portal

  Vicidial Scratch installation Debian 11  Asterisk 16, WebRTC and Dynamic Portal apt update apt upgrade apt-get install git nano wget cd /usr/src/ git clone https://github.com/manish23k/Vici_Install_Scripts_Deb_11.git cd Vici_Install_Scripts_Deb_11/ chmod +x *.sh Run ./vici_install_deb_ast16.sh Install WebRTC ./vicidial-install-webrtc.sh Once Done with Configuration Secure Server with Vici Dynamic Portal Run ./vici_dynportal.sh
Post a Comment
Read more

Debian 11 Vicidial scratch install dynamic portal

  Step by step guide to scratch install the vidial dynamic portal in Debian 11 or ubuntu based vicidial scratch installations. If you have installed vicidial using scratch installation instead of using the default vicibox iso then you need to manually install and configure the dynamic portal , follow this blog tutorial to scratch install the vicidial dynamic portal . Here's the steps to install and configure the vicidial dynamic portal in scratch installations. Steps to install vicidial dynamic portal cd /usr/src git clone https://github.com/manish23k/vicidial-dynamicportal.git cd vicidial-dynamicportal chmod +x vici_dynportal.sh ./vici_dynportal.sh or you can install manually. Follow the below steps to install and configure the vicidial dynamic portal in your scratch installations, Step 1: Install the firewalld and ipset apt install firewalld apt  install ipset Step 2: Download the Dynamic portal files from my Github cd /usr/src/ mkdir dynamicportal cd dynamicportal wg...
Post a Comment
Read more

voice broadcast in vicidial Step by Step Guide

 Follow all below mention steps:- 1.  Open https://ttsmp3.com/   2.  Select Voice Indian English 3.  Type whatever you want to convert into voice.   4.  Read and confirm and then download as a MP3.   5.  Open downloaded file with wavepad and convert into 16bit Mono 8k PCM WAV. or you can use online audio converter from below mention link. site support .wav file only so you need to convert MP3 file to wav using below mention site. https://g711.org/   6.  Upload file to vicidial audio store.   7.  Manual copy file into /var/lib/asterisk/sound/ folder using winscp software. https://winscp.net/download/WinSCP-5.21.6-Portable.zip   8.  Copy campaign from existing Broadcast camp.   9.  Click on created camp and select details view then click on survey     select Survey First Audio File:- as audio file which we created in step 1 and submit.   10. Create list and select campaign as Newly created ...
Post a Comment
Read more