[Home]

Summary:ASTERISK-25580: WSS will not work with asterisk 11
Reporter:David Sarmiento (dorphalsig)Labels:
Date Opened:2015-11-20 09:36:56.000-0600Date Closed:2015-11-20 22:11:27.000-0600
Priority:MajorRegression?
Status:Closed/CompleteComponents:Resources/res_http_websocket
Versions:11.20.0 Frequency of
Occurrence		Constant
Related
Issues:
Environment:Centos 6.7Attachments:
Description:I'm trying to connect a SIPML5 client to asterisk via WSS, I keep getting "Failed to connect to server". However, when I try to connect via WS it works (I can register and place calls).

Below:

- http.conf with tlsenabled=yes and path to ssl certificates
- core show settings
- netstat output showing only port 8088 open.



root@testasterisk [~]# cat /etc/asterisk/http.conf
[general]
enabled=yes
enablestatic=yes
bindaddr=0.0.0.0
bindport=8088
prefix=asterisk
tlsenable=yes
tlsbindaddr=0.0.0.0:8089
tlscertfile=/etc/pki/tls/certs/server.cert.pem
tlsprivatekey= /etc/pki/tls/private/server.key
root@testasterisk [~]# rasterisk -x "core show settings"

PBX Core settings
-----------------
 Version:                     11.20.0
 Build Options:               LOADABLE_MODULES
 Maximum calls:               Not set
 Maximum open file handles:   Not set
 Root console verbosity:      3
 Current console verbosity:   0
 Debug level:                 0
 Maximum load average:        0.000000
 Minimum free memory:         0 MB
 Startup time:                11:16:31
 Last reload time:            11:16:31
 System:                      Linux/2.6.32-573.8.1.el6.x86_64 built by root on x86_64 2015-11-16 03:31:17 UTC
 System name:                
 Entity ID:                   00:0c:29:14:e5:88
 Default language:            en
 Language prefix:             Enabled
 User name and group:         asterisk/asterisk
 Executable includes:         Enabled
 Transcode via SLIN:          Enabled
 Transmit silence during rec: Enabled
 Generic PLC:                 Enabled
 Min DTMF duration::          80

* Subsystems
 -------------
 Manager (AMI):               Enabled
 Web Manager (AMI/HTTP):      Disabled
 Call data records:           Enabled
 Realtime Architecture (ARA): Enabled

* Directories
 -------------
 Configuration file:          
 Configuration directory:     /etc/asterisk
 Module directory:            /usr/lib64/asterisk/modules
 Spool directory:             /var/spool/asterisk
 Log directory:               /var/log/asterisk
 Run/Sockets directory:       /var/run/asterisk
 PID file:                    /var/run/asterisk/asterisk.pid
 VarLib directory:            /var/lib/asterisk
 Data directory:              /var/lib/asterisk
 ASTDB:                       /var/lib/asterisk/astdb
 IAX2 Keys directory:         /var/lib/asterisk/keys
 AGI Scripts directory:       /var/lib/asterisk/agi-bin


root@testasterisk [~]# rasterisk -x "http show status"
HTTP Server Status:
Prefix: /asterisk
Server Enabled and Bound to 0.0.0.0:8088

Enabled URI's:
/asterisk/httpstatus => Asterisk HTTP General Status
/asterisk/static/... => Asterisk HTTP Static Delivery
/asterisk/ws => Asterisk HTTP WebSocket

Enabled Redirects:
 None.
root@testasterisk [~]# netstat -anp | grep 808.
tcp        0      0 0.0.0.0:8088                0.0.0.0:*                   LISTEN      2531/asterisk      
root@testasterisk [~]#
Comments:By: Asterisk Team (asteriskteam) 2015-11-20 09:36:58.407-0600

Thanks for creating a report! The issue has entered the triage process. That means the issue will wait in this status until a Bug Marshal has an opportunity to review the issue. Once the issue has been reviewed you will receive comments regarding the next steps towards resolution.

A good first step is for you to review the [Asterisk Issue Guidelines|https://wiki.asterisk.org/wiki/display/AST/Asterisk+Issue+Guidelines] if you haven't already. The guidelines detail what is expected from an Asterisk issue report.

Then, if you are submitting a patch, please review the [Patch Contribution Process|https://wiki.asterisk.org/wiki/display/AST/Patch+Contribution+Process].
By: Rusty Newton (rnewton) 2015-11-20 09:47:29.417-0600

Please attach all debug and configuration to the issue itself. We try not to use external links on this site because they tend to fade away at some point.

https://wiki.asterisk.org/wiki/display/AST/Asterisk+Issue+Guidelines

Please include details about what doesn't work and what commands you are using to verify that the ports are not open, etc.
By: David Sarmiento (dorphalsig) 2015-11-20 10:49:40.493-0600

Sorry. I just updated the issue with all the relevant information
By: Matt Jordan (mjordan) 2015-11-20 13:57:58.407-0600

TLS binds to 8089:

{{tlsbindaddr=0.0.0.0:8089}}

What are you attempting to connect to?

And if Asterisk isn't showing up as bound to 8089, are you sure that Asterisk is starting up without any WARNINGs related to binding the HTTP's server's TLS socket?
By: David Sarmiento (dorphalsig) 2015-11-20 21:03:56.128-0600

I just have a test server with 2 addresses. For the moment I would like WSS to be listening on both (is this wrong?).

Nope, still nothing. I did have an error (my server key was not readable by asterisk), once I got that fixed I can see port 8089 open and bound to asterisk (http show status shows me this), however when I try to connect the sipML phone to wss://172.16.199.132:8089/asterisk/ws, firefox returns an error

22:25:37.824 Firefox can't establish a connection to the server at wss://172.16.199.132:8089/asterisk/ws.1 SIPml-api.js:3:0

On the asterisk side, all I can see is:
[2015-11-20 18:17:32] ERROR[108929]: tcptls.c:397 tcptls_stream_close: SSL_shutdown() failed: 1
testasterisk*CLI>


Thx!


By: David Sarmiento (dorphalsig) 2015-11-20 22:11:08.020-0600

There, all good. It was an issue with my "server" being on DHCP and the latter giving it whatever address it thought of. Reverted to the static address referred in the 'common name' and its all good now.

Thanks again!!