freeswitch的webrtc 需要通过https 连接,然后才能访问freeswitch wss 服务,
所以freeswitch 需要签名认证。
1) freeswitch 的签名产生
第一步产生 wss.pem 文件
和 wss.crt 文件
wget http://files.freeswitch.org/downloads/ssl.ca-0.1.tar.gz
tar zxfv ssl.ca-0.1.tar.gz
cd ssl.ca-0.1/
perl -i -pe 's/md5/sha256/g' *.sh
perl -i -pe 's/1024/4096/g' *.sh
./new-root-ca.sh
./new-server-cert.sh self.verto
./sign-server-cert.sh self.verto
cat self.verto.crt self.verto.key > /usr/local/freeswitch/certs/wss.pem
cat self.verto.crt > /usr/local/freeswitch/certs/wss.crt
2)checkout sipml5
https://github.com/DoubangoTelecom/sipml5.git
3) https server 搭建
本次搭建是在linux 环境下搭建https服务器
a) npm init 产生package.json,可以直接用我下面的文件
指定main为server.js
{
"name": "freeswitch",
"version": "1.0.0",
"description": "test freeswitch for webrtc",
"main": "server.js",
"dependencies": {
"node-static": "^0.7.9"
},
"devDependencies": {},
"scripts": {
"test": "echo \"Error: no test specified\" && exit 1",
"start": "node server.js"
},
"keywords": [
"webrtc"
],
"author": "wwh05022",
"license": "ISC"
}
b)server.js
var https = require('https');
var fs = require('fs');
var url = require('url');
const options = {
key: fs.readFileSync('./wss.pem'),
cert: fs.readFileSync('./wss.crt')
};
https.createServer(options, function (request, response) {
var pathname = url.parse(request.url).pathname;
console.log("Request for " + pathname + " received.");
fs.readFile(pathname.substr(1), function (err, data) {
if (err) {
console.log(err);
// Content Type: text/html
response.writeHead(404, {'Content-Type': 'text/html'});
}else{
// HTTP ״̬Âë: 200 : OK
// Content Type: text/html
response.writeHead(200, {'Content-Type': 'text/html'});
// ÏìÓ¦ÎļþÄÚÈÝ
response.write(data.toString());
}
// ·¢ËÍÏìÓ¦Êý¾Ý
response.end();
});
}).listen(8080);
console.log('Server running at http://127.0.0.1:8080/');
4) cp wss.crt wss.pem 到当前目录
5) npm install
6) npm start 启动 https 服务器
7) 在网页里输入 https://ip:8080/call.htm?svn=252可以看到界面
htttps客户端可以在windows下打开,
浏览器推荐chrome
8) 点击 Export Mode 填写websocket 服务器URL,默认是7443端口
地址一般为wss://ip:7443
ip 为freeswitch服务器地址,点击Save保存
在注册栏,填写信息如下,点击LogIn,如果显示为Connected,表明注册成功。
pulic Identitity:sip:账号@ip:port
Realm:ip
输入呼叫地址,点击Call
呼叫过程中显示“Call In Progress",呼叫成功后显示”In Call“
可能遇到的问题:
1,freeswitch will report “NO candidate ACL
defined, Defaulting to wan.auto” and “no suitable candidates found.” and
exit with “INCOMPATIBLE_DESTINATION”。
localnet.auto(本地网络) 和rfc1918.auto(RFC1918 规定的) 是freeswitch 已经定义好的鉴权部分
<param name="apply-candidate-acl" value="localnet.auto"/>
<param name="apply-candidate-acl" value="rfc1918.auto"/>
自定义的ACL鉴权部分
<param name="apply-candidate-acl" value="domains"/>
参考文献: