WebRTC stopped working after Chrome update

shomi · November 20, 2020, 9:11pm

Just to avoid confusion. This is directly related to CentOS v6 and the version of OpenSSL it uses. I believe SNG6 is a rebranded version of CentOS 6.

cloudpbxfuzz · November 21, 2020, 3:31am

Agreed. I am moving my boxes to FPBX15 / Asterisk 16 as we speak. However, is there a short term (faster way) to patch in the mean time?

lgaetz · November 21, 2020, 3:32am

Sounds like the work around is to use Firefox.

shomi · November 21, 2020, 11:04pm

I managed to get it working again on Chrome for a generic CE6 install so it is doable. You install 1.0.2 openssl from source then create symlinks to those folders/files from the existing openssl-devel folders/files that asterisk compiles against. “/usr/include/openssl”, “/usr/lib/libcrypto.so”, “/usr/lib/libssl.so”. for 32 bit or /usr/lib64 for 64bit. I’m writing up a procedure for it.

It’s probably easy enough to use asterisk compiled from source on the distro as well but I have never tried.

shomi · November 22, 2020, 9:05pm

This is how I updated OpenSSL and got WebRTC working again on Chrome on CentOS 6 using Asterisk v13. I am using 32bit CE6 but this should also work on 64bit.

# check that version is 1.0.1e which no longer works with WebRTC on Chrome
openssl version -a

yum group install 'Development Tools'
yum -y install perl-core zlib-devel

cd /usr/local/src/
# openssl v1.0.2k is the version that CentOS 7 uses
wget https://www.openssl.org/source/openssl-1.0.2k.tar.gz
tar -xf openssl-1.0.2k.tar.gz
cd openssl-1.0.2k
./config --prefix=/usr/local/ssl --openssldir=/usr/local/ssl shared zlib
make && make test && make install

# add the shared library location to ld.so.conf.d so that ldconfig finds it
cd /etc/ld.so.conf.d/
nano openssl-1.0.2k.conf

# contents of openssl-1.0.2k.conf
/usr/local/ssl/lib

# create the necessary links to the shared library
ldconfig -v
# Verify the output shows a link to:
# /usr/local/ssl/lib/libssl.so.1.0.0 and
# /usr/local/ssl/lib/libcrypto.so.1.0.0

# create symlinks to the new version of openssl
# for 64 bit CentOS use /usr/lib64

mv /usr/lib/libcrypto.so /usr/lib/libcrypto.so.bak
ln -s /usr/local/ssl/lib/libcrypto.so /usr/lib/

mv /usr/lib/libssl.so /usr/lib/libssl.so.bak
ln -s /usr/local/ssl/lib/libssl.so /usr/lib/

mv /usr/bin/openssl /usr/bin/openssl.bak
ln -s /usr/local/ssl/bin/openssl /usr/bin/

mv /usr/include/openssl /usr/include/openssl.bak
ln -s /usr/local/ssl/include/openssl /usr/include/

# check that the version is now 1.0.2k
openssl version -a

# Compile or re-compile asterisk as you normally would

I verified that SysAdmin > HTTPS Setup also still works

ngxperts · November 26, 2020, 1:43pm

hi,
were you able to make it work with asterisk 11?
I’m also trying to get it to work with asterisk 11, but if I recompile it with openssl1.2, it somehow breaks the ICE and starts giving ice-ufrag errors.

ngxperts · November 28, 2020, 3:20pm

hi,
are you able to use webrtc with asterisk 11 and chrome 87+?

cloudpbxfuzz · December 14, 2020, 3:57pm

I took the advice and just upgraded to FreePBX 15, which has Asterisk 16. Asterisk 13 is EOL anyway, so it was the right call.

system · June 3, 2021, 10:59pm

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.