Verto模块启用
Verto模块启用
一、环境
debian 11,gcc 10.2.1,openssl 1.1.1n ,freeswitch 1.10.10,测试终端 windows 10 64 位 (浏览器:Microsoft edge 115.0.1901.183 64 位 ,Chrome 112.0.5615.138 64位)
二、Verto配置
修复Verto配置文件:conf/autoload_configs/verto.conf.xml
<configuration name="verto.conf" description="HTML5 Verto Endpoint"> <settings> <param name="debug" value="10"/> <!-- seconds to wait before hanging up a disconnected channel --> <param name="detach-timeout-sec" value="120"/> <!-- enable broadcasting all FreeSWITCH events in Verto --> <!-- <param name="enable-fs-events" value="false"/> --> <!-- enable broadcasting FreeSWITCH presence events in Verto --> <param name="enable-presence" value="false"/> </settings> <profiles> <profile name="default-v4"> <param name="bind-local" value="$${local_ip_v4}:8081"/> <param name="bind-local" value="$${local_ip_v4}:8082" secure="true"/> <param name="force-register-domain" value="$${domain}"/> <param name="secure-combined" value="/usr/local/freeswitch/certs/wss.pem"/> -证书的位置,一会儿存放证书时要用 <param name="secure-chain" value="/usr/local/freeswitch/certs/wss.pem"/> <param name="userauth" value="true"/> <!-- setting this to true will allow anyone to register even with no account so use with care --> <param name="blind-reg" value="false"/> <param name="mcast-ip" value="224.1.1.1"/> <param name="mcast-port" value="1337"/> <param name="rtp-ip" value="$${local_ip_v4}"/> <!-- <param name="ext-rtp-ip" value=""/> --> <param name="local-network" value="localnet.auto"/> <param name="outbound-codec-string" value="opus,vp8,h264"/> <param name="inbound-codec-string" value="opus,vp8,h264"/> <param name="apply-candidate-acl" value="localnet.auto"/> <param name="apply-candidate-acl" value="wan_v4.auto"/> <param name="apply-candidate-acl" value="rfc1918.auto"/> <param name="apply-candidate-acl" value="any_v4.auto"/> <param name="timer-name" value="soft"/> </profile> <profile name="default-v6"> <param name="bind-local" value="[$${local_ip_v6}]:8081"/> <param name="bind-local" value="[$${local_ip_v6}]:8082" secure="true"/> <param name="force-register-domain" value="$${domain}"/> <param name="secure-combined" value="$${certs_dir}/wss.pem"/> <param name="secure-chain" value="$${certs_dir}/wss.pem"/> <param name="userauth" value="true"/> <!-- setting this to true will allow anyone to register even with no account so use with care --> <param name="blind-reg" value="false"/> <param name="rtp-ip" value="$${local_ip_v6}"/> <!-- <param name="ext-rtp-ip" value=""/> --> <param name="outbound-codec-string" value="opus,vp8"/> <param name="inbound-codec-string" value="opus,vp8"/> <param name="apply-candidate-acl" value="wan_v6.auto"/> <param name="apply-candidate-acl" value="rfc1918.auto"/> <param name="apply-candidate-acl" value="any_v6.auto"/> <param name="apply-candidate-acl" value="wan_v4.auto"/> <param name="apply-candidate-acl" value="any_v4.auto"/> <param name="timer-name" value="soft"/> </profile> </profiles> </configuration>
为用户配置verto支持,修改directory/default.xml,在<params>和</params>中添加如下:
<param name="jsonrpc-allowed-methods" value="verto"/> <param name="jsonrpc-allowed-event-channels" value="demo,conference,presence"/>
为每个用户的xml配置文件添加verto相关内容(以1000.xml为例):
<user id="1001"> <params> <param name="password" value="$${default_password}"/> <param name="vm-password" value="1001"/> <param name="verto-context" value="public"/> <param name="verto-dialplan" value="XML"/> </params>
如果使用会议功能,则需修改配置文件conf/autoload_configs/conference.conf.xml
在<profiles>和</profile>中检查conference-flags项目,确保其中包含livearray-sync和livearray-json-status拨号计划配置例如:
<extension name="HTML5 Verto"> <condition field="destination_number" expression="^(10[0-9][0-9])$"> <action application="export" data="dialed_extension=$1"/> <action application="set" data="call_timeout=30"/> <action application="bridge" data="${verto_contact ${dialed_extension}@${dialed_domain}}"/> </condition> </extension>
至此freeswitch针对verto的配置已经完成,想要测试的话,需要使用freeswitch自带的verto demo,安装使用过程下文:
三、创建证书
因为wss方式的访问是加密的,所以需要配置https方式运行demo,先创建一个自签名证书,以供freeswitch和web服务使用,注意二者需要使用同一套证书才能顺利的访问freeswitch。创建自签名证书,过程中按提示输入各种信息,过程中需要openssl的支持,如果未安装请提前自行安装。
wget http://files.freeswitch.org/downloads/ssl.ca-0.1.tar.gz tar zxfv ssl.ca-0.1.tar.gz cd ssl.ca-0.1/ perl -i -pe 's/md5/sha256/g' *.sh perl -i -pe 's/1024/4096/g' *.sh ./new-root-ca.sh ./new-server-cert.sh self.verto ./sign-server-cert.sh self.verto cat self.verto.crt self.verto.key > /usr/local/freeswitch/certs/wss.pem /*注意此路径和verto配置文件中的相同*/
四、安装web服务(apache)
sudo apt-get install apache2 sudo a2enmod ssl sudo a2enmod rewrite
修改/etc/apache2/sites-enabled/000-default.conf
<VirtualHost *:443> -- 修改为443 ………… --增加下面几行 SSLEngine On SSLOptions +StrictRequire SSLCertificateFile /usr/local/freeswitch/certs/wss.pem SSLCertificateKeyFile /usr/local/freeswitch/certs/wss.pem SSLCertificateChainFile /usr/local/freeswitch/certs/wss.pem </VirtualHost>
重启apache
sudo service apache2 restart
五、测试
将verto demo放到apache的web页面目录中
cp -rf /opt/freeswitch-1.8.7/html5/verto/video_demo /var/www/html
此外verto还提供了不带视频的demo和verto_communicator。
打开浏览器(我用的Chrome)访问https://IP/video_demo。提示未信任时,选高级,点击继续。
六、nginx服务配置
如下图所示:
其中wss.key为私钥