Websocket without TLS

I need to activate the “Builtin mini-HTTP server” to enable WebSocket on port 8088 without TLS or any security encryption because my extensions which want to connect to the PBX via WebSockets are on the same machine.
so I just need to this path be accessible for WebSocket " ws:// "

as I tried several times WebSocket module will not enable without TLS or setup Certificates.
so I can not set up this path, and I don’t know how I can be sure about the proper configuration and working of this WebSocket.

Note that This machine have no internet access to create or verify the SSL or TLS certificates

Have you tried a self signed certificate?

I’m pretty sure that there is not going to be any support for unencrypted web sockets, but if there is, I’d think there is going to be a marginally higher chance that people on the Asterisk Forum will know about it, as it doesn’t seem to me that you are really doing anything FreePBX specific.

Having an internet connection is not necessary for this. You don’t need any auxiliary network connection to verify certificates. You would probably need one to check for revocations, if that is supported, but that could be a local server.

Asterisk comes with some scripts to use OpenSSL to create your own CA, and to create and sign certificates. You would, in that case, have to install the local CA certificate on all the browsers.

Certificates are actually part of the public key infrastructure, not TLS. You can use TLS without PKI, as long as both sides support it. I don’t know if it can be enabled in Asterisk.

yes, but no success, even though I don’t know how I can check it properly.
I use some NODEJS programs to check if they work or not, but I have no trust in them too.
is there any other way to test this path “ws://” is working?

I tried to use local CA on my machine but had no success, may I do the wrong step?
it seems you’re professional with FPBX, so may I ask you to help me and tell me what I must do step by step? and how I can check the socket connection on the Linux machine?
actually, I follow “WebRTC+Phone-UCP” article to enable the WebSocket.

I have some dated experience with Asterisk, and I don’t do consultancy contracts.

From the Asterisk console, run

http show status

And share the output please

CLI Command
http show status


      HTTP Server Status:
      Server: Asterisk/16.2.1~dfsg-1+deb10u2
      Server Enabled and Bound to [::]:8088
      HTTPS Server Enabled and Bound to [::]:8089
      Enabled URI's:
      /httpstatus => Asterisk HTTP General Status
      /static/... => Asterisk HTTP Static Delivery
      /ari/... => Asterisk RESTful API
      /ws => Asterisk HTTP WebSocket
      Enabled Redirects:

So it looks like it is listening just fine.

To confirm that you can open a browser and go to http://your.ip:8088/ws and you should see an error Upgrade Required since it is not a web socket

yes I got this message in the browser

Upgrade Required


How I can check if it works properly?
I tried many google chrome bowser extensions and android apps to check is this socket working or not, but they failed.
I don’t know how I can check it, even on the machine I have a NODEJS program that tries to connect via localhost but has had no success yet.

is there any Linux command for that?

wscat -s echo -c ws://
1 Like

Thanks, I found it right now on the web and test it in many ways:

wscat -c “ws://”
error: Unexpected server response: 404

wscat -c “wss://”
error: connect ECONNREFUSED

wscat -c “ws://”
error: Unexpected server response: 400

wscat -c “wss://”
error: write EPROTO 140365066352576:error:1408F10B:SSL routines:ssl3_get_record:wrong version number:…/deps/openssl/openssl/ssl/record/ssl3_record.c:332:

wscat -c “ws://”
error: socket hang up

wscat -c “wss://”
error: self signed certificate

your command working !!!
what’s the difference?

wscat -s echo -c ws://
Connected (press CTRL+C to quit)

This indicates that it is working.

Is there any command that I can type when it’s connected to get results from the WebSocket?

What are you trying to achieve?

I check this with my NODEJS code, but it still can not connect and fail


so I think may it cause because of the self-signed certificate.
I have no idea, I just want to test each section step by step to debug it

@PitzKey you’re helped me a lot, I really appreciate you :pray:

after several days of experience connecting to a local FPBX server via WebSocket, and making calls through the NODEJS application, I found that this was totally impossible because there was no way to make an audio or video connection on the server side via the WebSocket.
I learned how to activate the WebSocket and test it, also connect to it in the NODEJS application. I change my way to solve my problem but I left my code here for others who want to follow this for feature research and development also it’s helpful for text messaging.

Thanks you all

const JsSIP = require('jssip');
const NodeWebSocket = require('jssip-node-websocket');
let socket = new NodeWebSocket('ws://');

let ua = new JsSIP.UA(

        uri          : 'sip:[email protected]',
        authorization_user: "333",
        password     : "333",
        display_name : "INT 1",
        sockets      : [ socket ],
        register     : true

ua.on('connected', function(e){ console.log("connected") });
ua.on('disconnected', function(e){ console.log("disconnected") });
ua.on('newRTCSession', function(e){ console.log(e) });
ua.on('newMessage', function(e){ console.log(e) });
console.log("User Agent Created.");

var eventHandlers = {
  'progress': function(e) {
    console.log('call is in progress');

  'failed': function(e) {
    console.log('call failed with cause: '+ e.data.cause);

  'ended': function(e) {
    console.log('call ended with cause: '+ e.data.cause);

  'confirmed': function(e) {
    console.log('call confirmed');

var options = {
  'eventHandlers'    : eventHandlers,
  'mediaConstraints' : { 'audio': false, 'video': false }

// make a call
var session = ua.call('sip:[email protected]', options);