"So, tls is required for wss?" Yes, as of the last rfc.  It can work without it if the client software (browser) will accept it though by now most will treat it as insecure.  I forget whether sipML5 will but my guess would be no.  -------- Original message -------- From: "Wilkins, Steve" <swwilkins(a)mitre.org> Date: 11/24/2017 9:57 AM (GMT-08:00) To: "Kamailio (SER) - Users Mailing List" <sr-users(a)lists.kamailio.org> Subject: Re: [SR-Users] sipML5 through kamailio Hello SamyGo,   So, tls is required for wss?  I thought that when I set a listen to Kamailio-Server-IPAddress:10443 and I sent a request through that IP and Port, that Kamailio would at least see the request and attempt to do something with it.  I will go add tls and try again.  Thank you!   From: sr-users [mailto:sr-users-bounces@lists.kamailio.org] On Behalf Of SamyGo Sent: Thursday, November 23, 2017 12:40 PM To: Kamailio (SER) - Users Mailing List <sr-users(a)lists.kamailio.org> Subject: Re: [SR-Users] sipML5 through kamailio   Can you clarify the IP addressing scheme as you've mentioned. There is no TLS interface? Advertised address for 5060 but not for WSS interface. Both listen and advertise are public IPs ? Also,you're handling WSS requests. Do you've xlog ines in the route[xhttp:request] to view when a request lands.!   My config has this:   #!substdef "!MY_IP_ADDR!123.134.156.167!g" #!substdef "!MY_WS_PORT!6010!g" #!substdef "!MY_WSS_PORT!6011!g"   listen=tcp:MY_IP_ADDR:MY_WS_PORT listen=tls:MY_IP_ADDR:MY_WSS_PORT   Then the xhttp event route:   ``` event_route[xhttp:request] {         set_reply_close();         set_reply_no_connect();           #Deny any HTTP requests on any port other than WS/WSS ports.         if ($Rp != MY_WS_PORT && $Rp != MY_WSS_PORT ) {                 xlog("L_WARN", "HTTP request received on $Rp\n");                 xhttp_reply("403", "Forbidden", "", "");                 exit;         }           #Handle HTTP(s) onwards.         xlog("L_INFO", "HTTP Request Received\n"); ```     On Thu, Nov 23, 2017 at 12:18 PM, Wilkins, Steve <swwilkins(a)mitre.org> wrote: Hi Sammy,   First of all, thank you for taking the time to respond.   Yes, port 10443 is opened.  I have used this port before as asterisk’s WebRTC port and iptables shows it as open.  No, I can’t even get a registration using the configuration I listed.  I have an xdbg log statement right after the request_route, and I see nothing.  I do know that my xdbg logs are working though because, if I register or make a call using any sip tool, I see all my logging and everything works correctly.   -Steve   From: sr-users [mailto:sr-users-bounces@lists.kamailio.org] On Behalf Of SamyGo Sent: Thursday, November 23, 2017 12:00 PM To: Kamailio (SER) - Users Mailing List <sr-users(a)lists.kamailio.org> Subject: Re: [SR-Users] sipML5 through kamailio   Hi Steve, Can you confirm that port 10443 is reachable behind the NAT to Kamailio server, validate iptables too Does your SIPml5 demo client register successfully to Kamailio? are there enough xlog lines to print out if anything lands in Kamailio.   Regards, Sammy       On Thu, Nov 23, 2017 at 11:34 AM, Wilkins, Steve <swwilkins(a)mitre.org> wrote: Hello,   I am attempting to use sipML5 to test WebRTC.  I have not been successful in getting messages through to Kamailio though. I am running Kamailio 5.0.3 on Cento 7.   My listen’s in the kamailio configuration file are => listen=tcp:112.22.3.108:5060 advertise 34.226.187.61:5060 listen=udp:112.22.3.108:5060 advertise 34.226.187.61:5060 listen=tcp:112.22.3.108:10443 (which I will use in the sipML5 Expert mode)   My sipML5 settings are => Public Identity - sip:user1@112.22.3.108 Realm - 112.22.3.108   Export mode setting are => WebSocket Server URL - wss://112.22.3.108:10443 (I have also tried wss://112.22.3.108:10443/ws) SIP outbound Proxy URL - udp://112.22.3.108:5060 (I have also left this blank)   When I make a call I see no Kamailio activity (I have logging at the start of request_route) so I am not sure where the configuration error is.  If I change the sipML5 configuration IP Address to use the asterisk IP Address, sipML5 works.  My goal is to go WebRTC Client => Kamailio => Asterisk and eventually through some sort of media proxy.   Thank you, -Steve     _______________________________________________ Kamailio (SER) - Users Mailing List sr-users(a)lists.kamailio.org https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users   _______________________________________________ Kamailio (SER) - Users Mailing List sr-users(a)lists.kamailio.org https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users