Ekim
Posted on June 4, 2021
Weekly sharing
Hi everyone, I am Ekim, a fresh Bootcamp graduate and an IT helper (I don't dare to call myself a programmer yet). Every Friday, I will share some of the work that I've done over the last week in a bid to get feedbacks from you guys and record my journey to become a programmer.
Previously
Introduction
Last week, I was doing something related to WebRTC, which was an amazing experience. However, there's one thing I got stuck for a pretty long time related to web socket. It turns out I had to manually permit access for different ports I used even though I had created a self-signed certificate. Today, I would like to share how to create a self-signed certificate on Asterisk and import that into your browser.
Create your self-signed certificate
- It is not difficult to create a self-signed certificate.
cd /asterisk-18.3.0/contrib/scripts # go to /contrib/script
# -C = DNS name or our IP address, -O = organizational name, -d = output directory of the keys
# use the same pass phrase you want for the whole registration
sudo ./ast_tls_cert -C <server-ip> -O "<organizational name>" -d /etc/asterisk/keys
# check if the 'keys' file exists
ls -w 1 /etc/asterisk/keys
sudo service asterisk restart
Import your certificate to let waive manual permission access
- Now, we are going to import our
ca.crt
into our browser. I will use Firefox and Chrome as examples. - You may wonder why you need to import the certificate. The reason is that once you import your certificate, you don't need to permit access for browser to go to your web every time.
- More importantly, when you play around with WebRTC, you need to enable the web socket every time if you don't do so, which is absolutely annoying.
Firefox browser set-up
If you are using Firefox browser, please:
Go to "Options"
Select "Privacy & Security"
Scroll to the bottom of the page under "Security" and "Certificates"
Select "View Certificates"
Make sure "Authorities is selected"
Import "ca.crt", the self-signed certificate we have just created, which is located at /etc/asterisk/keys
Check "Trust this CA to identify websites" and "Trust this CA to identify email users"
Then click "ok"
Conclusion
If you also face the web socket granting permission problem like I did, I hope you would find this article helpful to you. Or if you are interested in WebRTC, please check out this guide: https://github.com/paneru-rajan/asterisk-jssip. A big shoutout to paneru-rajan who provides the WebRTC set-up guide. In the meantime, please take care and stay healthy, and I will see you next week.
Posted on June 4, 2021
Join Our Newsletter. No Spam, Only the good stuff.
Sign up to receive the latest update from our blog.