Creating a PEM file for the Webitel
The certificate file should be named wss.pem and located in / opt / webitel / ssl.
The wss.pem file (similar to nginx certificates) consists of a sequence in a strict order: Certificate, RSA Privat Key and Chain (s):
-----BEGIN CERTIFICATE----- <cert> -----END CERTIFICATE----- -----BEGIN RSA PRIVATE KEY----- <key> -----END RSA PRIVATE KEY----- -----BEGIN CERTIFICATE----- <chain> -----END CERTIFICATE-----
Copy wss.pem to the files:
- tls.pem - for SIP TLS
- dtls-srtp.pem - for WebRTC
cp wss.pem tls.pem cp wss.pem dtls-srtp.pem
Required files in /opt/webitel/ssl:
ssl ├── dtls-srtp.pem ├── tls.pem └── wss.pem
Connect the certificate to the webitel
In the env/environment file, change to:
# WebSocket protocol: ws or wss (WebSocket with SSL) export WEBITEL_WS="wss" # WebSocket protocol: off or on (for HTTPS) export WEBITEL_SSL="on" # WebSocket protocol: http or https export WEBITEL_PROTO="https" # Webitel IP or hostname. # Please, use the FQDN hostname for HTTPS site export WEBITEL_HOST="app-d1.webitel.com"
Restart the Webitel:
/opt/orchestration/bin/reboot.sh
You can check the output of the nginx log with the command:
$ docker logs nginx Start SSL