Skip to main content

Alma 9 Vicidial Selfsign Webrtc

I am going to provide step by step guide to integrate, enable and configure the viciphone(a webrtc phone) in vicidial (also applicable to any vicidial based system) using the Self Signed SSL Certificate ,ie without a public-ip and FQDN or accessing the vicidial with internal LAN IP.



1️⃣ Install OpenSSL (if not installed)

sudo dnf install -y openssl


2️⃣ Generate a Private Key

openssl genpkey -algorithm RSA -out selfsigned.key -pkeyopt rsa_keygen_bits:2048

3️⃣ Create a Certificate Signing Request (CSR)

openssl req -new -key selfsigned.key -out selfsigned.csr

It will prompt you for details like:

  • Country Name (e.g., IN)
  • State or Province (e.g., Gujarat)
  • Locality (City)
  • Organization Name
  • Common Name (Domain, e.g., example.com or your server IP)
  • Email Address

You can use localhost or an IP address if needed.


4️⃣ Generate a Self-Signed Certificate

openssl x509 -req -days 365 -in selfsigned.csr -signkey selfsigned.key -out selfsigned.crt


  • -days 365 → Valid for 1 year (Adjust as needed)
  • selfsigned.crt → SSL certificate file
  • selfsigned.key → Private key

5️⃣ Verify the Certificate

openssl x509 -in selfsigned.crt -text -noout


6️⃣ Configure Apache to Use SSL

If you are using Apache:

  • Copy the files:
    sudo cp selfsigned.crt /etc/pki/tls/certs/
    sudo cp selfsigned.key /etc/pki/tls/private/
  • Edit Apache config:

    sudo nano /etc/httpd/conf.d/ssl.conf
    Update:
    SSLCertificateFile /etc/pki/tls/certs/selfsigned.crt
SSLCertificateKeyFile /etc/pki/tls/private/selfsigned.key
  • Restart Apache:
    sudo systemctl restart httpd

7️⃣ Allow HTTPS Traffic


sudo firewall-cmd --permanent --add-service=https 
sudo firewall-cmd --reload


optional:- 

Redirect All HTTP to HTTPS connection

Edit the below mentioned file

     nano /etc/httpd/conf.d/default.conf

Add below line after DocumentRoot as shown below

    DocumentRoot /var/www/html
    Redirect permanent / https://yourserverip/   

Note: its My Redirect IP / https://192.168.1.9/


Asterisk configuration to support webrtc:


Edit /etc/asterisk/http.conf and make sure below settings enabled

   nano /etc/asterisk/http.conf

 [general]
enabled=yes
bindaddr=0.0.0.0
bindport=8088
tlsenable=yes
tlsbindaddr=0.0.0.0:8089
tlscertfile=/etc/pki/tls/certs/selfsigned.crt
tlsprivatekey=/etc/pki/tls/private/selfsigned.key

save the file.


Vicidial configuration

Make sure the vicidial admin interface is accessible via https
https://192.168.1.9/vicidial/admin.php
Step 5.1
Go to ADMIN --> System settings
Change the Wephone URL

    Wephone URL: /PBXWebPhone/viciphone.php


Goto ADMIN -> Servers
configure the External Server IP:
If your server is accessible from outside ie Public ip ,enter your public ip here. if not leave it blank or enter your local server ip.

    Web Socket URL : wss://192.168.1.9:8089/ws

if you are accessing your server with public ip then
Set External Web Socket URL: wss://publicip/fqdn:8089/ws
or Leave it blank


Comments

Post a Comment

Popular posts from this blog

Vicidial Scratch installation Debian 11 with Asterisk 16, WebRTC and Dynamic Portal

  Vicidial Scratch installation Debian 11  Asterisk 16, WebRTC and Dynamic Portal apt update apt upgrade apt-get install git nano wget cd /usr/src/ git clone https://github.com/manish23k/Vici_Install_Scripts_Deb_11.git cd Vici_Install_Scripts_Deb_11/ chmod +x *.sh Run ./vici_install_deb_ast16.sh Install WebRTC ./vicidial-install-webrtc.sh Once Done with Configuration Secure Server with Vici Dynamic Portal Run ./vici_dynportal.sh
Post a Comment
Read more

Debian 11 Vicidial scratch install dynamic portal

  Step by step guide to scratch install the vidial dynamic portal in Debian 11 or ubuntu based vicidial scratch installations. If you have installed vicidial using scratch installation instead of using the default vicibox iso then you need to manually install and configure the dynamic portal , follow this blog tutorial to scratch install the vicidial dynamic portal . Here's the steps to install and configure the vicidial dynamic portal in scratch installations. Steps to install vicidial dynamic portal cd /usr/src git clone https://github.com/manish23k/vicidial-dynamicportal.git cd vicidial-dynamicportal chmod +x vici_dynportal.sh ./vici_dynportal.sh or you can install manually. Follow the below steps to install and configure the vicidial dynamic portal in your scratch installations, Step 1: Install the firewalld and ipset apt install firewalld apt  install ipset Step 2: Download the Dynamic portal files from my Github cd /usr/src/ mkdir dynamicportal cd dynamicportal wg...
Post a Comment
Read more

Vicidial Scratch installation Alma -9

Step 1 – Download the dependencies   hostnamectl set-hostname xxxxxx.xxxxx.xxx ### Use YOUR SubDomain vi /etc/hosts ##Change domain name for actual server ip (xxx.xxx.xxx.xxx   complete domain name    subdomain only) timedatectl set-timezone Asia/Kolkata yum check-update yum update -y yum -y install epel-release yum update -y yum install git -y yum install -y kernel* #Disable SELINUX sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config     reboot Step 2 – Run the Script cd /usr/src/ git clone https://github.com/manish23k/vicidial-install-scripts cd vicidial-install-scripts chmod +x alma-rocky9-ast16.sh ./alma-rocky9-ast16.sh Or the Asterisk 18 version: chmod +x alma-rocky9-ast18.sh ./alma-rocky9-ast18.sh
Post a Comment
Read more