How to install Vicidial Webphone in Scratch Install with Letsencrypt SSL

Vicidial Scratch installtion in centos with webphone support

Topic: How to install Vicidial Webphone in Scratch Install with Letsencrypt SSL

vicidial scratch webrtc

  Overview: vicidial scratch installation

    This article all about step by step guide for vicidial webphone configuration in scratch installed vicidial with noip free domain  and letsencrypt free ssl certificates.

    Vicidial is the most popular Open-Source Contact Center Solution in the world, that incorporates a predictive dialer to enable the blended handling of inbound / outbound calls alongside inbound emails and customer website chat.
  VICIphone is an Open Source Project. VICIphone was built with WebRTC Technology. WebRTC provides browsers and mobile applications with Real-Time Communications (RTC) capabilities. This enables your users to use VICIphone without having to install or configure anything. Asterisk 13 and later can handle WebRTC connections

  Major Components of Vicidial

Asterisk - Telephony server
Mariadb - Database
Apache - Webserver

  Pre-Requisites

Before proceeding with installation steps , we must have below pre-requisites ready

  • Centos 7 installed either full DVD or minimal OS installation
  • Console access to the server or SSH access via putty .
  • Root access or other user with necessary permission
  • Internet access in the server to download softwares.
  • Basic knowledge of linux commands like vi or nano editor, copy ,paste.

  Installation Steps :

Step 1: Vicidial Scratch install with asterisk 13 or 16
Step 2: webphone Pre-Requisites
Step 3: Registring Free Domain from NoIP/DynDns
Step 4: Generating Free SSL from Letsenrypt
Step 5: Enabling SSL option in apache / httpd
Step 6: Asterisk Config to support Webrtc / webphone /viciphone
Step 7: Viciphone Installation and configuration

  Step 1: Vicidial Scratch Install

    I have a separate blog article for the vicidial scratch install, follow the instruction mentioned in the below link, followed to that proceed with Step 2 for the webpphone configuration


Vicidial scratch install Guide
  Step 2: webphone Pre-Requisites

For the webrtc support in vicidial ,you must meet below pre-requisites
  • asterisk 13 and above version 
  • vicidial server should be accessed via FQDN (domain name)
  • Vicidial server should be accessed via SSL ie: https://domain/
  • Trusted SSL certifcate and key from vendor like letencrypt,norton etc.

note: if you are one like me to use all free, i use  no-ip for a free domain and letsencrypt for free ssl certificates.

Refer this link if you want to use with self signed certificate.
Follow the below steps to configure webrtc with no-ip domain, Letencrypt SSL certificate and Viciphone webrtc webphone.

  Step 3: Registring Free Domain from LetsEncrypt

NoIP: No-IP which is a dynamic DNS provider for paid and free services.
NoIP offering free dynamic DNS and URL redirection. Users were able to create a free sub-domain under a few domains owned by No-IP

If you have your own domain ,you can skip this step.
  • goto https://www.noip.com
  • Signup a new account
  • Create your own domain from there existing top level domain
  • for eg: striker24x7.ddns.net

noip domain

  • Next Modify your domain and enter your server public ip

noip

  • Now you have your own domain and pointed to your server
  • Try to access your server via domain http://xyz.ddns.net/

  Step 4: Free Trusted SSL from Letsenrypt 

LetsEncrypt is a Certificate Authority (CA) that provides free certificates for Transport Layer Security (TLS) encryption, thereby enabling encrypted HTTPS on web servers. It simplifies the process of creation, validation, signing, installation, and renewal of certificates by providing a software client that automates most of the steps—Certbot.

To generate the letsencrypt SSL certificate follow below steps.

  Step 4-1: Installing Certbot and Dependencies

yum install certbot python2-certbot-apache mod_ssl

  Step 4-2: Generate SSL certificate with Certbot Client 

certbot certonly --webroot-path /var/www/html -d striker24x7.ddns.net --register-unsafely-without-email
<note: replace striker24x7.ddns.net with your domain>
<enter 3 for webroot location.
How would you like to authenticate with the ACME CA?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: Apache Web Server plugin (apache)
2: Spin up a temporary webserver (standalone)
3: Place files in webroot directory (webroot)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate number [1-3] then [enter] (press 'c' to cancel): 3
  • Once the process is successful ,you will get the successful message and the certificates and key will be saved in below mentioned folder
  • note: enter you domain after /live folder
cd /etc/letsencrypt/live/striker24x7.ddns.net/
ls
cert.pem chain.pem fullchain.pem privkey.pem README

  Step 5: Apache /Httpd configuration to support SSL/Https 

You need to point your new ssl certificate and key path in the ssl.conf so that your server will be accessed via new Letsencrypt  certificates.

yum  install mod_ssl
edit vi /etc/httd/conf.d/ssl.conf
search the below lines and update with your certificate file with path as show below
SSLCertificateFile
SSLCertificateKeyFile
SSLCertificateChainFile 

SSLCertificateFile /etc/letsencrypt/live/striker24x7.ddns.net/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/striker24x7.ddns.net/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/striker24x7.ddns.net/fullchain.pem
restart httpd service to update the changes

systemctl restart httpd

  Check your SSL 
   check your ssl by checking your website in https://www.sslshopper.com/ssl-checker.html

Also access you dialer in  a browser and make sure it is accessible via https and without any ssl error eg : https://striker24x7.dyndns.com
if Yes you are good to go next steps.

  Redirect All HTTP request to HTTPS request
    we need to force the dialer access only via https , in order to avoid agents login to dialer via http which leads to failure of webrtc support.
edit httpd.conf
vi /etc/httpd/conf/httpd.conf
add the below entry after the last line
replace striker24x7.ddns.net with your domain.

<VirtualHost *:80>
    ServerName striker24x7.ddns.net
    DocumentRoot /var/www/html
    ErrorLog /var/www/error.log
    CustomLog /var/www/requests.log combined
RewriteEngine on
RewriteCond %{SERVER_NAME} =striker24x7.ddns.net
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
restart the httpd service
systemctl restart httpd

Now access your dialer with http://domain/  it should auto redirect to https://domain.

  updating Vicidial Recordings link with https

By default the vicidial recordings links are update with http extension in DB,
in order to update the recording link to https extension you need edit your cronjob.

just add --HTTPS label in  AST_CRON_audio_2_compress.pl followed my --MP3 as shown below

crontab -e

/usr/share/astguiclient/AST_CRON_audio_2_compress.pl --MP3 --HTTPS

  Step 6: Asterisk Configuration To support webrtc

In order to asterisk support webrtc you need to edit below files

1. /etc/asterisk/http.conf
2. /etc/asterisk/modules.conf
3. /etc/asterisk/rtp.conf
4./etc/asterisk/sip.conf

  vi /etc/asterisk/http.conf
and or enable below settings
enabled=yes
bindaddr=0.0.0.0
bindport=8088
tlsenable=yes
tlsbindaddr=0.0.0.0:8089
tlscertfile=/etc/letsencrypt/live/striker24x7.ddns.net/cert.pem
tlsprivatekey=/etc/letsencrypt/live/striker24x7.ddns.net/privkey.pem

NOTE: replace striker24x7.ddns.net with your domain name

  vi /etc/asterisk/modules.conf

    Add the below entry after the last line ,save the file and reboot to take effect the changes.
load => res_http_websocket.so

Reboot the server once, so the asterisk startup with http_websocket loaded,
to confirm websocket is loaded , run the below command 

asterisk -rx 'http show status'
make sure it says “HTTPS Server Enabled and Bound to 0.0.0.0:8089”
[root@centos~]# asterisk -rx "http show status"
HTTP Server Status:
Prefix:
Server: Asterisk/13.29.2
Server Enabled and Bound to 0.0.0.0:8088

HTTPS Server Enabled and Bound to 0.0.0.0:8089

Enabled URI's:
/httpstatus => Asterisk HTTP General Status
/phoneprov/... => Asterisk HTTP Phone Provisioning Tool
/static/... => Asterisk HTTP Static Delivery
/ari/... => Asterisk RESTful API
/ws => Asterisk HTTP WebSocket

Enabled Redirects:
  None.
  vi /etc/asterisk/rtp.conf
rtpstart=10000
rtpend=20000
icesupport=yes
stunaddr=stun.counterpath.com:3478
  vi /etc/asterisk/res_stun_monitor.conf
stunaddr=stun.counterpath.com:3478
stunrefresh = 30
go to asterisk cli ,reload once and check stun updates similar like below

asterisk -vvvvvr
asterisk-CLI> stun show status
Hostname                  Port  Period  Retries  Status  ExternAddr       ExternPort
stun.counterpath.com      3478  30      3        OK      xx.xxx.xx.xx   32997
centos-s-4vcpu-8gb-intel-nyc1-01*CLI>

  vi /etc/asterisk/sip.conf

update below entry
realm=your-domain or publicip
externaddr=your-publicip

  Step 7: Downloadign and installing Viciphone

   you can download the official viciphone or enhanced version from below links, i prefer the enhanced version.

official link : https://viciphone.com  
githublink : https://github.com/vicimikec/ViciPhone.git
enhanced link : https://github.com/ccabrerar/ViciPhone.git

  • download the file to a temp directory
cd /var/tmp
git clone https://github.com/ccabrerar/ViciPhone.git
  • copy the file to vicidial agc folder and provide permission
cd /var/tmp
cp -r ViciPhone /var/www/html/agc/viciphone
chmod -R 755 /var/www/html/agc/viciphone
  Step 7-1: Vicidial Settings for webphone
  • Set webphone as default phone .
Navigate in admin
ADMIN > SYSTEM SETTINGS >
Default Webphone: 1

Entering the Webphone URL 

Navigate in Admin

ADMIN > SYSTEM SETTINGS > Webphone URL:  
Webphone URL: viciphone/viciphone.php

vicidial webphone url

Settubg websocket URL
Navigate in Admin
ADMIN > SERVERS > Modify > Web Socket URL: 
wss://striker24x7.ddns.net:8089/ws

vicidial websocket url


  Step 7-2 Vicidial webrtc TEMPLATE

     Now we need to create webrtc sip template which we will assign to each phone created in vicidial.

Go to Admin -> Templates

Create a new Template by name webrtc
copy paste the below settings, make to point to your ssl certificate path
type=friend
host=dynamic
encryption=yes
avpf=yes
icesupport=yes
directmedia=no
transport=wss
force_avp=yes
dtlsenable=yes
dtlsverify=no
dtlscertfile=/etc/letsencrypt/live/striker24x7.ddns.net/cert.pem
dtlsprivatekey=/etc/letsencrypt/live/striker24x7.ddns.net/privkey.pem
dtlssetup=actpass
rtcp_mux=yes
vicidial webrtc template


  Step 7-3: Creating Vicidial Phone with webphone support

Goto ADMIN > PHONES 
either add new phone or modify your existing phone and enable the below settings
Set As Webphone:  Y
Webphone Dialpad:Y
Webphone Auto-Answer: Y
Webphone Dialbox: Y
Webphone Mute: Y
Webphone Volume:Y
at Last line under TEMPLATE ID select the webrtc template created in step 27

vicidial phones






vicidial webrtc template 



  Step 7-4 : Delaying the webphone login call by 10 sec.

    By default as soon you login as agent, the vicidial will initiate the first login call and play the message "you are the only person in conference"
You might miss this sound or call because of browser loading speed and time the webphone registering time.

To avoid this we will delay the call by 10 sec.
Follow the steps 
cd /var/www/html/agc
cp options-example.php options.php
Now edit the options.php file and set 10 for $webphone_call_seconds  
cd /var/www/html/agc
vi +64 /var/www/html/agc/options.php

search for below line and enter 10
$webphone_call_seconds  = '10';
  we have Completed, time to test.

    Use your Favourite browser to access your dialer, 
i prefer firefox as my Favorite browser .

URL: https://FQDN/agc/admin.php

you should be now able to login as agent with webphone/webrtc as shown below

Note : while logging in , the browser will ask permission to use MIC , Press ALLOW

vicidial webphone


Finally you can see your agent panel with Webphone.

vicidial agent webphone

  Conclusion

Note for NOIP
  • you need regularly update your noip domain either manualy in there website or you can use the noip update client to automate the same
Letsencrypt
  • Let’s Encrypt certificates are valid for 90 days, but it’s recommended that you renew the certificates every 60 , you can renew by running the command "certbot renew --dry-run"
  • either run manually or automate via cronjob 
  0 2 30 * * /usr/bin/certbot renew --dry-run > /dev/null 2>&1

For Professional support reach me at skype: striker24x7

Post installation configuration

  • access your dialer via browser http://serverip/vicidial/admin.php
  • login with username 6666 and password 1234
  • The initial setup will force to change password, Timezone,GTM offset
  • once done logout
  • relogin with 6666 and new password.
  1. modify the user 6666 and set 1 for all the admin interface options
  2. Modify the ADMIN>SERVERS>Asterisk Version : 13.X
  3. ADMIN>SERVERS>Local GMT: select to GMT
  4. press submit two times, to rebuild conf files.
  5. Modify-ADMIN>SYSTEMSETTINGS>ActiveVoicemailServer: serverip
  6. ADMIN>SYSTEM SETTINGS> Default Local GMT: select to GMT
Final installation confirmation

run screen -list  to make sure all the background vicidial scripts are running
you should get below output
There are screens on:
        2307.ASTVDauto  (Detached)
        2147.astshell20140626063212     (Detached)
        2105.ASTVDadapt (Detached)
        2304.ASTlisten  (Detached)
        2301.ASTsend    (Detached)
        2153.asterisk   (Detached)
        2109.ASTconf3way        (Detached)
        2107.ASTfastlog (Detached)
        2310.ASTVDremote        (Detached)
        2298.ASTupdate  (Detached)
10 Sockets in /var/run/screen/S-root.
Next Post Previous Post
3 Comments
  • Unknown
    Unknown March 16, 2021 at 2:50 AM

    Calls are ringing outbound but not connecting to agents what is the issue ... please resolve the issue . i am using goautodial

  • Unknown
    Unknown March 16, 2021 at 3:04 AM

    This comment has been removed by a blog administrator.

  • Emily Simth
    Emily Simth January 13, 2022 at 3:41 PM

    Very useful information, thank you for sharing this post. To support the WebRTC app development, I would like to share that according to Market Study Report, the global WebRTC market’s size is predicted to reach $16,570.5 million in 2026. The turning point for WebRTC came in 2017 when Microsoft Edge and iOS Safari 11 began supporting it. Nowadays, the top WebRTC development companies are growing rapidly with the increasing demand of the technology.

Add Comment
comment url