-
Notifications
You must be signed in to change notification settings - Fork 686
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Sip.js breaks on Chrome 52 when connecting to FreeSwitch #344
Comments
*DTLS |
this is an openssl/freeswitch problem related to chrome using elliptic curve certs by default now. upgrade openssl and retest. -eric On Aug 1, 2016, 5:08 PM, at 5:08 PM, Lyle Pratt notifications@github.com wrote:
|
@etamme yep. Sorry for the false alarm. Definitely an issue with Ubuntu 14.04. However, it appears that there is a way to define what algorithm to use in Webrtc. Seems like it would be useful for SIP.js to expose that? |
@lylepratt I made a hack until we got the freeswitch server updates applied. It looked something like this. It's terrible but worked on 0.7.2 and could be something to start from. initPeerConnectionCertificateHack: function() {
var rtcpc = window.webkitRTCPeerConnection || window.mozRTCPeerConnection || window.RTCPeerConnection;
rtcpc.generateCertificate({
name: "RSASSA-PKCS1-v1_5",
modulusLength: 2048,
publicExponent: new Uint8Array([1, 0, 1]),
hash: "SHA-256"
}).then(function(certficate) {
SIP.Hacks.AllBrowsers.rtcPeerConnectionCertificates = [certficate];
});
} Then added this to MediaHandler.js this.peerConnection = new SIP.WebRTC.RTCPeerConnection({'iceServers': servers, 'certificates': SIP.Hacks.AllBrowsers.rtcPeerConnectionCertificates}, self.RTCConstraints); |
Here's the announcement article: https://developers.google.com/web/updates/2016/06/webrtc-ecdsa If this were to be implemented, it would be done via ua configuration parameter, with the above code conditioned behind it. I recommend upgrading, as it sounds like up to a second can be saved in call setup time, but we can definitely put this together at some point, or accept a PR if it happens sooner. |
Hi all, I had the same problem and solved it. Regards, On Tue, Aug 2, 2016 at 8:58 PM, James Criscuolo notifications@github.com
Hai Bui |
Thanks for the tips guys. Our FreeSWITCH docker container was basing from Ubuntu 14.04. We've updated it to base from 16.04 and all is well now. |
As a note, we were able to upgrade our version of openssl and not rebuild freeswitch. A simple restart of freeswitch after updating openssl solved the issue, YMMV. Our version of openssl on Centos 6 is 1.0.1e-42. Updating to the newest version of openssl is definitely recommended. |
We also had this issue on a non freeswitch implementation and a upgrade of
openssl and restart of the process fixed it. For ubuntu 14 though we had to
use 1.0.2g version through a new repo added in /etc/apt/sources.list as the
latest available version didn't fix it for us. Details below from a ubuntu
link.
http://packages.ubuntu.com/xenial/amd64/openssl/download
|
It appears that this is due to Chrome defaulting to ECDSA for dtla now:
https://developers.google.com/web/updates/2016/06/webrtc-ecdsa
It looks like other certs are still supported but you have to request them specifically. Is there any way to do that with sip.js?
The text was updated successfully, but these errors were encountered: