Just to avoid confusion. This is directly related to CentOS v6 and the version of OpenSSL it uses. I believe SNG6 is a rebranded version of CentOS 6.
Agreed. I am moving my boxes to FPBX15 / Asterisk 16 as we speak. However, is there a short term (faster way) to patch in the mean time?
Sounds like the work around is to use Firefox.
I managed to get it working again on Chrome for a generic CE6 install so it is doable. You install 1.0.2 openssl from source then create symlinks to those folders/files from the exising openssl-devel folders/files that asterisk compiles against. “/usr/include/openssl”, “/usr/lib/libcrypto.so”, “/usr/lib/libssl.so”. for 32 bit or /usr/lib64 for 64bit. I’m writing up a procedure for it.
It’s probably easy enough to use asterisk compiled from source on the distro as well but I have never tried.
This is how I updated OpenSSL and got WebRTC working again on Chrome on CentOS 6. I am using 32bit CE6 but this should also work on 64bit.
# check that version is 1.0.1e which no longer works with WebRTC on Chrome openssl version -a yum group install 'Development Tools' yum -y install perl-core zlib-devel cd /usr/local/src/ # openssl v1.0.2k is the version that CentOS 7 uses wget https://www.openssl.org/source/openssl-1.0.2k.tar.gz tar -xf openssl-1.0.2k.tar.gz cd openssl-1.0.2k ./config --prefix=/usr/local/ssl --openssldir=/usr/local/ssl shared zlib make && make test && make install # add the shared library location to ld.so.conf.d so that ldconfig finds it cd /etc/ld.so.conf.d/ nano openssl-1.0.2k.conf # contents of openssl-1.0.2k.conf /usr/local/ssl/lib # create the necessary links to the shared library ldconfig -v # Verify the output shows a link to: # /usr/local/ssl/lib/libssl.so.1.0.0 and # /usr/local/ssl/lib/libcrypto.so.1.0.0 # create symlinks to the new version of openssl # for 64 bit CentOS use /usr/lib64 mv /usr/lib/libcrypto.so /usr/lib/libcrypto.so.bak ln -s /usr/local/ssl/lib/libcrypto.so /usr/lib/ mv /usr/lib/libssl.so /usr/lib/libssl.so.bak ln -s /usr/local/ssl/lib/libssl.so /usr/lib/ mv /usr/bin/openssl /usr/bin/openssl.bak ln -s /usr/local/ssl/bin/openssl /usr/bin/ mv /usr/include/openssl /usr/include/openssl.bak ln -s /usr/local/ssl/include/openssl /usr/include/ # check that the version is now 1.0.2k openssl version -a # Compile or re-compile asterisk as you normally would
I verified that SysAdmin > HTTPS Setup also still works
were you able to make it work with asterisk 11?
I’m also trying to get it to work with asterisk 11, but if I recompile it with openssl1.2, it somehow breaks the ICE and starts giving ice-ufrag errors.