#VICIDIAL #Certbot #SSL #VICIPHONE #WebRTC INSTALLATION
#WebPhonoe #Vicibox #letsencypt
-----------------------------------------------------------------------------------------
*****Certbot SSL installation on Vicibox9******
-------------------------------------------------------------------------------------------
First of ALL you Need Domain name Pointed to IP Address
E.g vicidial.xyz.com pointed to IP 111.111.111.111
Here I am Using domain NAME : phone.live.com
Lets Begin Installation of SSL on VICIBOX 9:
---------------------------------------------------------------------------------------------
Step1. Open VICIDIAL Server Via SSH using putty
Type commad on terminal:
zypper in certbot
---------------------------------------------------------------------------------------------
Step2. Edit configuration file name : cli.ini by typing command:
nano /etc/certbot/cli.ini
: Comment out line
#server = https://acme-staging.api.letsencrypt....
; Uncomment line
server = https://acme-v02.api.letsencrypt.org/...
and save it.
----------------------------------------------------------------------------------------------
Step3. Now for installing ssl type command :
vicibox-certbot
; after typing this command it will ask
what is your eamil address : test@hotmail.com
what is your fully Qualified Domain Name (FQDN): phone.live.com
E-mail : test@hotmail.com
FQDN: phone.live.com
Do you want to continue using the above settings? (N/Y) : Y
Updating /etc/certbot/cli.ini ... done.
Do you wnat to run certbot now to generate a certificate ? ( N/Y) : Y
Would you be willing to share your email address ...... (Y)es (N)o : N
; after above command it will generate certificate and ask
Do you want to enable the new SSL certificate in Apache/Asterisk ? (N/Y) : Y
Do you want to add this to the crontab now? (N/y) : y
; Now after above step the certbot installation is completed
-----------------------------------------------------------------------------------------------------------
Step 4. Edit default apache2 configuration file "1111-default.conf"
by typing command :
nano /etc/apache2/vhosts.d/1111-default.conf
### To force everything to SSL you need to uncomment the following lines
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{SERVER_NAME}/$1 [R,L]
-------------------------------------------------------------------------------------------------------------
Step 5. Restart apache2 services by typing command:
service apache2 restart
Step 6. nano /etc/asterisk/http.conf
[general]
enabled=yes
bindaddr=0.0.0.0
bindport=8088
enablestatic=yes
tlsenable=yes
tlsbindaddr=yourip:8089
tlscertfile=.......
tlsprivatekey=.....
Step 7. sip.conf
[general]
transport=udp,ws,wss
avpf=yes
udpbindaddr=0.0.0.0:8089
realm=domain
allowguest = no
overlap=no
mohinterpert=default
mohsuggest=default
Step 8. Downloading the viciphone
cd /var/tmp
git clone https://github.com/vicimikec/ViciPhone.git
cd Viciphone
cp -r Source /srv/www/htdocs/agc/viciphone
chmod -R 755 /srv/www/htdocs/agc/viciphone
Step 9. Vicidial configuration
Make sure the vicidial admin interface is accessible via https
https://11.11.11.11/vicidial/admin.php
Step 10. Go to ADMIN --> System settings
Change the Wephone URL
Wephone URL: https://11.11.11.11/agc/viciphone/viciphone.php
Submit
Step 11. Goto ADMIN -> Servers
configure the External Server IP:
If your server is accessible from outside ie Public ip ,enter your public ip here. if not leave it blank or enter your local server ip.
Set Web Socket URL : wss://192.168.29.99:8089/ws
if you are accessing your server with public ip then Set External
Web Socket URL: wss://publicip/fqdn:8089/ws
or Leave it blank
SUBMIT
Step 12. Go to Admin -> Templates
Create a new template with below entries (edit the cert path) with name vicitemplate
type=friend
host=dynamic
encryption=yes
avpf=yes
icesupport=yes
directmedia=no
transport=wss
force_avp=yes
dtlsenable=yes
dtlsverify=no
dtlscertfile=/etc/apache2/ssl.crt/viciphone.crt
dtlsprivatekey=/etc/apache2/ssl.key/viciphone.key
dtlssetup=actpass
rtcp_mux=yes
No comments:
Post a Comment