WebRTC phone with HTTPS

Is there anything I need to do to get the WebRTC phone working when the page is secure (HTTPS)? I am using the freepbx distro v12. When the page is in HTTP everything is working fine. When the page is secure the WebRTC phone doesn’t dial. I can open the phone and type a number, but hitting Dial does nothing. I wanted a few sales users to use the WebRTC phone when at home and Chrome prompts to use the microphone on every call. Chrome recommends to use a secure page and it will automatically accept microphone access then.

https://support.google.com/chrome/answer/2693767?hl=en

In /var/etc/httpd/conf.d/ssl.conf I replaced the localhost.crt and localhost.key with my own and set the

DocumentRoot /var/www/html/ucp/
ServerName pbx.myserver:443

Out of curiosity and testing I have even tried to reverse proxy 443 back to itself on port 80. It still does not work…

If anyone can tell me how they got this working with HTTPS that would be awesome.

Here is what I have so far.

LoadModule ssl_module modules/mod_ssl.so
Listen 443
<VirtualHost *:443>
  SSLEngine on
  SSLCertificateFile /etc/pki/tls/certs/pbx.crt
  SSLCertificateKeyFile /etc/pki/tls/private/pbx.key

  ProxyPass / http://0.0.0.0:80/
  ProxyPassReverse / http://0.0.0.0:80/
</virtualhost>

Everything on the page is working as far as I can tell except for the WebRTC.

WebRTC does not connect through apache so any settings in there are not relevant to WebRTC. WebRTC connects directly to asterisk over websockets.

I noticed this by looking at the console in chrome.

The page at 'https://pbx.mydomain.com/?display=dashboard' was loaded over HTTPS, but ran insecure content from 'ws://0.0.0.0:8088/ws': this content should also be loaded over HTTPS.

.

Mixed Content: The page at 'https://pbx.mydomain.com/?display=dashboard' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://pbx.mydomain.com:8001/socket.io/?token=823669566e113c7208f6300b521d6081&EIO=3&transport=polling&t=1421358357946-0'. This request has been blocked; the content must be served over HTTPS.

Is there a way to use wss:// for secure websockets?

The socket.io error is unrelated. You should first update your modules so that won’t show up

I have updated my modules this morning and the socket.io error is gone now.

How do we get a secure socket connection?

same problem here… can’t make webrtc works on https because of secure connection.

I am getting this instead…I have WSS configured properly, I think.

Engine connecting
VM29402:23676 Mixed Content: The page at 'https://URLHIDDEN.com/?display=dashboard' was loaded over HTTPS, but attempted to connect to the insecure WebSocket endpoint 'ws://URLHIDDEN.com:8088/ws'. This endpoint should be available via WSS. Insecure access is deprecated.
VM29402:23676 Connecting to a non-secure WebSocket server from a secure origin is deprecated.

WSS is not supported in UCP at this time.

EDIT: This is no longer true! This has been linked by a few recent articles. FreePBX now supports WSS