Kamilio and JS SIP Websocket Secure

2.7k views Asked by At

I'm trying configure Kamailio with WebSocket Secure (wss) using JSSIP on client-side. I made settings on kamailio.cfg and tls.cfg, besides allowed ports and redirect. On my browser console I see that: jssip-3.0.13.js:21334 WebSocket connection to 'wss://mydomain.com:4443/' failed: WebSocket opening handshake was canceled

But, if I use ws ('ws://mydomain.com:8080/') it works.

Does someone knows how to fix that problem?

I generated the certificates, but the problem persists. I'm using nodeJS as a server.

kamailio.cfg file:

/* add local domain aliases */

alias="mydomain.com"

listen=udp:private_ip:5060 advertise public_ip:5060

listen=tcp:private_ip:5060 advertise public_ip:5060

listen=tcp:private_ip:5061 advertise public_ip:5061

listen=MY_WS_ADDR advertise public_ip:8080

listen=tls:private_ip:4443 advertise public_ip:5061

"#!ifdef WITH_TLS

listen=MY_WSS_ADDR advertise public_ip:4443

"#!endif

tcp_connection_lifetime=3604

tcp_accept_no_cl=yes

tcp_rd_buf_size=16384

/* port to listen to (default 5060 for udp, tcp, scrtp, or 5061 for tls)*/

"# port=5060

[...]

"#!define WITH_NAT"

"#!define WITH_MYSQL"

"#!define WITH_AUTH

"#!define WITH_USRLOCDB"

"#!define WITH_TLS"

"#!define WITH_DEBUG"

"#!substdef "!MY_IP_ADDR!my_private_ip!g"

"#!substdef "!MY_DOMAIN!my_public_ip!g"

"#!substdef "!MY_WS_PORT!8080!g"

"#!substdef "!MY_WSS_PORT!4443!g"

"#!substdef "!MY_WS_ADDR!tcp:MY_IP_ADDR:MY_WS_PORT!g"

"#!substdef "!MY_WSS_ADDR!tls:MY_IP_ADDR:MY_WSS_PORT!g"

Extra info The event_route[xhttp:request] is equal Kamailio 5.0 docs: https://kamailio.org/docs/modules/5.0.x/modules/websocket.html [...]

tls.cfg file:

[...]

[server:default]

method = TLSv1

verify_certificate = no

require_certificate = yes

private_key = /etc/certs/mydomain.com/key.pem

certificate = /etc/certs/mydomain.com/cert.pem

[...]

[...]

[client:default]

verify_certificate = yes

require_certificate = yes

[...]

Javascript:

var socket = new JsSIP.WebSocketInterface('wss://mydomain.com:4443');
    var configuration = {
      sockets  : [ socket ],
      uri      : 'sip:[email protected]',
      password : '******',
    };

NodeJS:


    'use strict';

    var os = require('os');
    var path = require('path');
    const https = require('https');
    var url = require('url');
    const fs = require('fs');

    const options = {
        key:    fs.readFileSync('demoCA/key.pem'),
        passphrase: '*********',
        cert: fs.readFileSync('demoCA/cert.pem')
    };

    var app = https.createServer(options, function(req, resp) {
    var url_parts = url.parse(req.url);
    var path = url_parts.pathname;
    console.log(path)
    fs.readFile(__dirname + path, function(err, data) {
    if(err) {
        resp.writeHead(404, {'Content-Type': 'text/html'});
        resp.write('Not found');
    } else {
       resp.writeHead(200, {'Content-Type': 'text/html'});
       resp.write(data);
    }
    resp.end();
    });
});

   app.listen(443);

AWS

Listening on

udp: private_ip:5060 advertise public_ip:5060

tcp: private_ip:5060 advertise public_ip:5060

tcp: private_ip:5061 advertise public_ip:5061

tcp: private_ip:8080 advertise public_ip:8080

tls: private_ip:4443 advertise public_ip:4443

Aliases:

tls: ip-private_ip.us-west-2.compute.internal:4443

tcp: ip-private_ip.us-west-2.compute.internal:8080

tcp: ip-private_ip.us-west-2.compute.internal:5061

tcp: ip-private_ip.us-west-2.compute.internal:5060

udp: ip-private_ip.us-west-2.compute.internal:5060

If you need more details, ask me, so I will edit my question.

1

There are 1 answers

0
Washington Costa On BEST ANSWER

I solved my problem. I was missing load some modules and routers.

I saw this file as example: https://gist.github.com/jesusprubio/4066845 but is important to know that every module the begin "mi" they aren't supporte on Kamailio 5.0. You will need replace for the module relative the version 5.0.

I used this site to generated the certificates: certbot.eff.org/#ubuntuxenial-nginx

I hope it helpful someone.