and replaced this two with the files that are used in httpd/ssl.conf
and now I can access to UCP via https/https from FireFox and Chrome. But webRTC phone doesn’t register.
So for first thing: certman is using other method/options for certification generation?
and about second: I don’t receive any traffic from webRTC phone (even any error), how can I debug this?
You need to go into certman and set the certificate you uploaded as the default. It’ll have a green checkmark next to it. Then apply config. Then restart.
The bug you reported ( http://issues.freepbx.org/browse/FREEPBX-12617 ) against webrtc is invalid. I’ve checked webrtc with experts (@billsimon) and we don’t have to do the work around you’ve listed as it’s partially done in the library we use. I still think there’s a major issue with your system
From this and the other few confusing threads on this issue I am gathering that some users are trying to use both http and https in their environments.
@psdk can you use your browser’s developer tools to be SURE everything is going over https and wss in your setup?
I installed a 64-bit version today. after installation, I updated it to 10.13.66-12 with update script. enable Edge and upgrade all modules to latest.
I made a self-signed certificate and install it in Sysadmin.
Point: My test environment was completely different from other my tests.
Result: I could only login to ucp via https with Firefox, and webRTC phone didn’t register.
I login to ucp via http and webRTC phone registered but I had “UNREACHABLE” issue again.
So please don’t tell me this is my installation issue. this makes me crazy.
Well I am sorry to keep telling you this but I can’t replicate it. My support team can’t. My development team can’t. Other users can’t. I don’t know what you expect us to fix when there is nothing we can figure out.
Perhaps you should consider that we really can’t help you here because of import export laws of cryptographic technologies as well.
The code is open source. So I encourage you to try to figure out the solution yourself. When you do you can post here of course or open a bug but right now we aren’t getting anywhere.
yes you’re right. But please advice me again.
My steps are right?
1-download 64-bit ISO.
2-installed it. (almost my tests are on VMware) and IP from DHCP.
3-after installing and running first boot script I upgrade it to latest version via upgrade script.
4-after finishing this, I reboot the system.
5-access to web
6-activate system
7-enable edge
8-update all modules
9-delete default certificate
10-generate a self-signed
11-import in to Apache with Sysadmin
12-create 2 extensions
13-enable UCP and webRTC for one of them.
There were no updates made to anything we have discussed here.
Considering you are coming from Iran. I have no doubt that there are import/export laws specifically prohibiting certain cryptographic technologies from going into your country. Our company is in Canada and the United States, respectively, and thus we really can’t be providing cryptographic support services.
I just want to give this little contribution, that I had almost all Problems described above as well, and I as well used self signed Certificate, which only made WebRTC on http, but not https working.
But after installing an Let’s Encrypt Certificate (which is for free) and reinstalling the UCP Node Server Module, all looks well for me know.
I can logon with https on my UCP Panel, and all Modules are started and “green”, Web Phone as well as XMPP.
So the magic Trick here obviously is really the Let’s encrypt Certificate.
Hope, I could help to not try hours for hours, but go for the Let’s encrypt Certificate right away.