WebRTC configuration in ICTBraodcast, the unified contact center software solution

WebRTC configuration for ICTBroadcast

To enable WebRTC support over WSS (secure port) in ICTBroadcast we have to install certificates. following is guide to setup free letsencrypt certificates for Asterisk

Get a domain name

We need a domain name to generate certificate, sub domains are also allowed. for example we have sip.example.com

Before starting with certificate generation please redirect your domain / sub domains to your Asterisk server and also remember to replace `sip.example.com` in following with your own domain or sub domain name

Install Letsencrypt

Install certbod binaries

yum install certbot python2-certbot-apache -y

Generate certificates

Enter the following command and proceed with prompts

certbot --apache -d sip.example.com

Install certificates in Asterisk


cd /etc/letsencrypt/live/sip.example.com

echo '' > /etc/asterisk/keys/cert.pem && cat cert.pem >> /etc/asterisk/keys/cert.pem && cat chain.pem >> /etc/asterisk/keys/cert.pem
echo '' > /etc/asterisk/keys/privkey.pem && cat privkey.pem >> /etc/asterisk/keys/privkey.pem

systemctl restart asterisk.service

Cronjob to keep certificates upto date

Letsencrypt expire free certficates after three months, we can override this issue by a simple cronjob

echo "30 2 * * * root /usr/bin/certbot renew >> /var/log/le-renew.log" > /etc/cron.d/letsencrypt.conf

also add cron job to update wss.pem file from Asterisk

echo "30 2 * * * root /usr/ictbroadcast/bin/asterisk/certupdate" > /etc/cron.d/letsencrypt.conf