Hello I have integrated freepbx in my application for calling but the connection to websocket url is failing. It can not connect to it. What could be the reason? Does asterisk starts the websocket automatically?
Make sure that the transport is enabled in Settings > Asterisk SIP Settings > SIP Settings
You will need to fwconsole restart after apply config after changing these settings.
I have enabled this after you suggested but my problem persist and also the asterisk commands are running with sudo. They dont run without sudo.
‘They’ run as the user of the shell you are in. If that is ‘root’ you should be good, if not then /usr/sbin (because that is where it would be 
) needs to be in the PATH or you can directly call it with /usr/sbin/fwconsole.
How did you install FreePBX/Asterisk ?
Is Asterisk actually running wss (and ws) services ?
ss -an|grep '808[89]'
Are your TLS certificates installed correctly ?
ls -l /etc/asterisk/keys/
ls -l /etc/asterisk/keys/integration
ls -l /etc/asterisk/keys/
-rw------- 1 asterisk asterisk 1679 Jun 27 2021 api_oauth.key
-rw------- 1 asterisk asterisk 451 Jun 27 2021 api_oauth_public.key
-rw-rw-r-- 1 asterisk asterisk 213 Jun 27 2021 ca.cfg
-rw-rw-r-- 1 asterisk asterisk 1740 Jun 27 2021 ca.crt
-rw-rw-r-- 1 asterisk asterisk 3243 Jun 27 2021 ca.key
-rw------- 1 asterisk asterisk 1712 Jun 27 2021 default.crt
-rw------- 1 asterisk asterisk 1610 Jun 27 2021 default.csr
-rw------- 1 asterisk asterisk 3243 Jun 27 2021 default.key
-rw------- 1 asterisk asterisk 4955 Jun 27 2021 default.pem
ls -l /etc/asterisk/keys/integratiion
-rw-rw-r-- 1 asterisk asterisk 2240 Jun 27 2021 4b2e523581b6e7c7.pem
-rw-rw-r-- 1 asterisk asterisk 1704 Jun 27 2021 cct-platforms.com.key
-rw------- 1 asterisk asterisk 4955 Jun 27 2021 certificate.pem
-rw------- 1 asterisk asterisk 1712 Jun 27 2021 webserver.crt
-rw------- 1 asterisk asterisk 3243 Jun 27 2021 webserver.key
Depending on your client , you might well need an acceptable non self-signed certification.
openssl x509 -text -noout -in /etc/asterisk/keys/integration/webserver.crt
openssl x509 -text -noout -in /etc/asterisk/keys/default.crt
and from your client
openssl s_client -connect your.server.url:8089 </dev/null
(you either have a typo or a misconfiguration with your posted ls -l /etc/asterisk/keys/integratiion (sic) )
Yes sorry it was type but the actual path is correct on server. These commands prints the certificate data. The last command openssl s_client -connect your.server.url:8089 </dev/null prints below.
140122257339712:error:0200206E:system library:connect:Connection timed out:../crypto/bio/b_sock2.c:110: 140122257339712:error:2008A067:BIO routines:BIO_connect:connect error:../crypto/bio/b_sock2.c:111: 140122257339712:error:0200206E:system library:connect:Connection timed out:../crypto/bio/b_sock2.c:110: 140122257339712:error:2008A067:BIO routines:BIO_connect:connect error:../crypto/bio/b_sock2.c:111: 140122257339712:error:0200206E:system library:connect:Connection timed out:../crypto/bio/b_sock2.c:110: 140122257339712:error:2008A067:BIO routines:BIO_connect:connect error:../crypto/bio/b_sock2.c:111: 140122257339712:error:02002065:system library:connect:Network is unreachable:../crypto/bio/b_sock2.c:110: 140122257339712:error:2008A067:BIO routines:BIO_connect:connect error:../crypto/bio/b_sock2.c:111: 140122257339712:error:02002065:system library:connect:Network is unreachable:../crypto/bio/b_sock2.c:110: 140122257339712:error:2008A067:BIO routines:BIO_connect:connect error:../crypto/bio/b_sock2.c:111: 140122257339712:error:02002065:system library:connect:Network is unreachable:../crypto/bio/b_sock2.c:110: 140122257339712:error:2008A067:BIO routines:BIO_connect:connect error:../crypto/bio/b_sock2.c:111:
Well , you don’t print the content, it will show you the nature of the cert and the CN (Canonical Name) of the host and the issuer for which it is pertinent and would need to be the same as your.server.url in the last one.
As you can see there is no working route to your.server.name:8089 so that might be a firewall or Name Service problem which you will need to fix first. To check the Name Server, `traceroute your.server.url’ , if that succeeds then check your firewall rules.
CN is different than my server host name. tracepath gets reply from the IP but sudo ufw status shows Status: Inactive which I think is fine? I think the CN is being different may be the issue.
Both, You need to get a valid certificate for your.server.url and install it into FreePBX as the default.
Tracepath uses ICMP, but you need TCP to(and from) your.server.url:8089 open also. If you have netcat (nc)
nc -zv your.server.url 8089
from the client.
nc output nc: connect to server-host.com port 8089 (tcp) failed: Connection timed out
A little more complicate with Cloudflare, a better way would be to have them generate your Certs and propagate them into your FreePBX.
Of course there must be an open route to cct-platforms.com:8089
Your help has been great. Generate a certificate and open tcp on 8089 will work?
I edited for your use of cloudflare . . .
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.