Hi
I tested yesterday the SIPML5 fix and I can confirm it works as expected
with Asterisk 12 SVN-trunk-r415192 using chan_sip and no DTLS enabled.
Tested with Chrome 35.0.1916.153m.
The patch is targeted to Chrome. Firefox still be unable to handle calls
in my setup.
In my tests I've found some asterisk exceptions when SIMPL5 is used from
Chrome with the provided patch AND DTLS is configured for the peer in
sip.conf AND certificates are installed in Chrome. I suppose this is
something work in progress so I'm not worried about it.
I can also confirm the problem with wss where the SIPML5 seems not able
to connect to the asterisk box.
Thank you and best regards,
Marco Signorini.
On 06/12/2014 03:21 AM, Steve Ng wrote:
I am using Asterisk v12.3.
As far as DTLS, I understand that applying the following Javascript
will temporarily fix for SIPML5 to Asterisk:
https://gist.github.com/steve-ng/14b9b88af43f92db1e46
WS works for me, its just wss which I'm stuck currently.
On Thu, Jun 12, 2014 at 4:37 AM, Miguel Molina
<mfmolina-lis...@millenium.com.co
<mailto:mfmolina-lis...@millenium.com.co>> wrote:
El 11/06/2014 1:52 p. m., Matthew Jordan escribió:
On Wed, Jun 11, 2014 at 1:32 PM, William Hetherington
<w...@willwh.com <mailto:w...@willwh.com>> wrote:
Chrome 35 broke all of this.... you need to be using DTLS now
I believe.
I had working secure web sockets with asterisk 12.2.x and
chrome 34.... and then google broke eveything :)
I have not yet got around to test out DTLS etc. with chrome 35
Just so I don't waste too much time when I go to test, does
anyone know if all that's required for DTLS on the asterisk
side is the following in sip.conf?
dtlsenable=yes
dtlsverify=yes
dtlsrekey=60
dtlscafile=/usr/local/share/ca-certificates/myCA.crt
dtlscertfile=/etc/ssl/mycert.com.pem
dtlssetup=actpass
I assume I also need TLS configs in http.conf
Signalling is independent of the media; DTLS only affects the media.
However, there are known issues with Chrome's negotiation of DTLS
and Asterisk - see
https://issues.asterisk.org/jira/browse/ASTERISK-22961
--
Matthew Jordan
Digium, Inc. | Engineering Manager
445 Jan Davis Drive NW - Huntsville, AL 35806 - USA
Check us out at: http://digium.com & http://asterisk.org
It is broken in Chrome (firefox never had SDES) because the WebRTC
standard favoured the DTLS SRTP implementation instead of the SDES
one. The thing is that although Asterisk supports DTLS
implementation, it only supports SHA-1 hashing but both Firefox
and Chrome work with SHA-256. The patch proposed in ASTERISK-22961
is an effort to solve this issue.
Best regards
--
_____________________________________________________________________
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
http://www.asterisk.org/hello
asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
http://lists.digium.com/mailman/listinfo/asterisk-users
--
_____________________________________________________________________
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
http://www.asterisk.org/hello
asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
http://lists.digium.com/mailman/listinfo/asterisk-users
