WebRTC with Asterisk and Amazon AWS

If WebRTC2SIP is not working for you, use embedded WebRTC support in the Asterisk PBX

In a "Compiling and Installing WebRTC2SIP" I described how to install Webrtc2sip to include SIP signalling in your webrtc applications. Unluckily there were some issues with webrtc2sip reported by Rosario Santoro (@RosSantoro1) and further discussed in the Doubango Google Group. Without having a solution yet, I decided to give Asterisk another shot. So in this article I'll describe how to use Asterisk only (without webrtc2sip) to setup a webrtc scenario without any other third party applications. This article is loosely based on this one.

Creating the EC2 instance and installing the Asterisk PBX for WebRTC

I selected Amazon Linux for this, but the instructions should work on any CentOS like operating system, and should be easily adaptable to other linux distros like Ubuntu.

Security Group to allow WebRTC traffic into the Asterisk PBX

The security group should allow:

  • Inbound connections to the TCP port 22 (to login via SSH, of course)
  • Inbound and Outbound traffic to the UDP port 5060 (if you're going to use any peers with standard SIP over UDP).
  • Inbound connections to the TCP port 8089 (we're going to use this one to serve a TLS-enabled websocket with asterisk)
  • Inbound and outbound to the UDP port range setup in your rtp.conf file
  • Inbound connections to the TCP port 443 (if you're going to serve your webrtc application from this instance, we're going to do this by using the SIPML5 example)
  • Installing Base Packages needed in Amazon Linux or CentOS to install Asterisk PBX

    We first need to install some basic packages, to compile everything:

    Nginx is installed so we can serve our own HTML5 application in the same server, but you can skip it if that will not be your case.

    NOTE: In CentOS you will need to install epel-release to install nginx.

    In a similar way, GNU Screen is installed becase I still like to use it, so feel free to also skip it or replace it with another thing.

    Install DaemonTools to start the Asterisk PBX as a service

    It is highly recommended that you manage your asterisk installations with daemontools. You can find out how to install them in this article titled: Installing DaemonTools in Amazon Linux (or CentOS like OS).

    Install libgsm 1.0.13

    You have to download and apply the following patch so you can build libgsm as a shared library:

    Then you can proceed to build and install:

    Install OpenSSL 1.0.2d

    Install libsrtp 1.5.2 as a shared library

    libsrtp is used to provide audio by using SRTP and its mandatory for webrtc communications. We need to install libsrtp as a shared library:

    Install libjansson 2.7

    Install PjProject 2.4

    PJSip is a new full SIP stack, used to replace chan_sip. And although we're still going to use chan_sip here, pjsip is needed to correctly handle ICE and STUN.

    Install Asterisk 13.6.0

    Configure Asterisk. Make sure that all the pj* resources are enabled, as well as the res_srtp and res_http_websocket ones.

    Add library paths to /etc/profile

    You might want to add this to your /etc/profile so the correct libraries will be used in your shell:

    Setup /usr/asterisk/etc/asterisk/sip.conf

    In the general section of your sip.conf file set:

    Sample SIP Peer for WebRTC in Asterisk

    Setup the HTTP webserver in Asterisk PBX to support the WebRTC websocket in /usr/asterisk/etc/asterisk/http.conf

    In your http.conf file:

    Setup the RTP ports in Asterisk in /usr/asterisk/etc/asterisk/rtp.conf

    In your rtp.conf file:

    Create a user for Asterisk

    NOTE: You can skip this step if you're not using daemontools.

    Setup daemontools to start asterisk

    NOTE: You can skip this step if you're not using daemontools.

    Create the ./log/run file with the following contents:

    Create the ./run file with the following contents:

    Make daemontools start Asterisk automatically:

    Install SIPML5

    NOTE: You can skip this step if you already have your own webrtc application or other means to test the installation.

    Setup the nginx host to serve your WebRTC VoIP Application

    NOTE: You can skip this step if you already have your own webrtc application or other means to test the installation.

    Generate a stronger DHE for SSL key exchange

    Setup the nginx host:

    After starting nginx, you should be able to point your browser to: and see the SIPML5 demo.

    SIPML5 configuration for the Asterisk PBX

    In the Expert section:

    • Check "Disable Video"
    • Check "Enable RTCWeb Breaker"
    • Set the "Websocket Server URL": wss://
    • Set the "ICE servers": [{ url: ''}]
    • Check "Cache the media stream"

    In the Login section:

    • Set "Display Name": 100
    • Set "Private Identity": 100
    • Set "Public Identity":
    • Set "Password": 100
    • Set "Realm":

    Using self signed certificates

    If you're using self signed certificates and notice an error in your javascript console like this one

    ...failed: WebSocket opening handshake was canceled

    You have to manually add the certificate to the browser's trusted vault. To do this manually point your browser to and confirm the security exception. That should solve the issue and you should be able to connect to the websocket port from SIPML5.

    Conclusion: Use WebRTC without the hassle of WebRTC2SIP in Asterisk

    This will hopefully save you some hours of despair and debugging :) And also get rid of a "moving part" in your webrtc ecosystem, so you can connect directly all your softphones, voip providers, and webrtc applications to your asterisk installation.

    Thanks To

    Rosario Santoro for his helpful tips and comments for the article.