WebRTC configuration in ICTBraodcast, the unified contact center software solution

WebRTC configuration for ICTBroadcast

=====================================
To enable WebRTC support over WSS (secure port) in ICTBroadcast we have to install certificates. following is guide to setup free letsencrypt certificates for Asterisk

Get a domain name

-----------------
We need a domain name to generate certificate, sub domains are also allowed. for example we have sip.example.com

Before starting with certificate generation please redirect your domain / sub domains to your Asterisk server and also remember to replace `sip.example.com` in following with your own domain or sub domain name

Install Letsencrypt

-------------------
Install certbod binaries

yum install certbot python2-certbot-apache -y

Generate certificates

---------------------
Enter the following command and proceed with prompts

certbot --apache -d sip.example.com

Install certificates in Asterisk

--------------------------------

cd /etc/letsencrypt/live/sip.example.com

echo '' > /etc/asterisk/keys/cert.pem && cat cert.pem >> /etc/asterisk/keys/cert.pem && cat chain.pem >> /etc/asterisk/keys/cert.pem
echo '' > /etc/asterisk/keys/privkey.pem && cat privkey.pem >> /etc/asterisk/keys/privkey.pem

systemctl restart asterisk.service

Cronjob to keep certificates upto date

--------------------------------------
Letsencrypt expire free certficates after three months, we can override this issue by a simple cronjob

echo "30 2 * * * root /usr/bin/certbot renew >> /var/log/le-renew.log" > /etc/cron.d/letsencrypt.conf

also add cron job to update wss.pem file from Asterisk

echo "30 2 * * * root /usr/ictbroadcast/bin/asterisk/certupdate" > /etc/cron.d/letsencrypt.conf