Creating a PEM file for the Webitel

The certificate file should be named wss.pem and located in / opt / webitel / ssl.

The wss.pem file (similar to nginx certificates) consists of a sequence in a strict order: Certificate, RSA Privat Key and Chain (s):

-----BEGIN CERTIFICATE-----
<cert>
-----END CERTIFICATE-----
-----BEGIN RSA PRIVATE KEY-----
<key>
-----END RSA PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
<chain>
-----END CERTIFICATE-----

Copy wss.pem to the files:

  • tls.pem - for SIP TLS
  • dtls-srtp.pem - for WebRTC


cp wss.pem tls.pem
cp wss.pem dtls-srtp.pem

Required files in /opt/webitel/ssl:

ssl
├── dtls-srtp.pem
├── tls.pem
└── wss.pem

Connect the certificate to the webitel

In the env/environment file, change to:

# WebSocket protocol: ws or wss (WebSocket with SSL)
export WEBITEL_WS="wss"
# WebSocket protocol: off or on (for HTTPS)
export WEBITEL_SSL="on"
# WebSocket protocol: http or https
export WEBITEL_PROTO="https"
# Webitel IP or hostname.
# Please, use the FQDN hostname for HTTPS site
export WEBITEL_HOST="app-d1.webitel.com"

Restart the Webitel:

/opt/orchestration/bin/reboot.sh

You can check the output of the nginx log with the command:

$ docker logs nginx
Start SSL