• Be part of the TeaParty!
    Click here for more information

Information Setup the WebClient rightly (TeaServer)

WolverinDEV

TeaSpeak Team
Staff member
Administrator
Hey,
I'm going to show you, how you could correctly setup and configure your server, for the web client.
As well I'll give you a short overview of how the web client works, and where you have to focus on.

1. Overview: How do the WebClient works, and which ports have to be opened
Each virtual server does not only listen on UDP it also listens to TCP.
That's where the WebClient comes into play. The WebClient uses TCP (Secure Web Sockets) to communicate with the TeaSpeak-Server.
So please ensure that you've opened the virtual server port within your firewall for TCP as well.
This TCP based bridge is used for command execution and general management, but not for voice!
For voice, speech in general a protocol known as WebRTC (Web real time communication) is used.
This protocol is UDP based and uses the port range, given within the config.yml (default range is 50000 - 56000).
Please ensure you've allowed this range as well within your firewall.

2. Setup a valid SSL certificate
Because the WebClient uses secure web sockets, you have to use a SSL certificate.
By default, the server generates a self-signed certificate, which first have to be added as an exception to the browser to be able to connect.
This could be easily done by every client by clicking the "here" link within the connect failed dialogue.
But to avoid this in general you could use a valid SSL certificate and register it within the server configurations file.

2.1 Create/register a valid SSL certificate with LetsEncrypt
Please note that these instructions could be different, depending on your system or configuration.
More information could be found here: https://letsencrypt.org/getting-started/
  1. Install certbot
    Code:
    # apt-get install certbot
  2. Create a new certificate
    Code:
    sudo certbot certonly --standalone -d ts.teaspeak.de
    (Replace ts.teaspeak.de with your domain, linked to you TeaSpeak server)
  3. You should be now able to find up2date certificates and keys within /etc/letsencrypt/live/ts.teaspeak.de/
    (ts.teaspeak.de will be your domain, this is just an example)
2.2 Register your SSL certificate within the TeaSpeak server
  1. Open the config.yml with an editor of your chose
  2. Search for the tag web and then ssl. You'll find there two settings (certificate and privatekey)
  3. Paste the path to your certificate within the certificate tag.
    For the example from 2.1 would it be: /etc/letsencrypt/live/ts.teaspeak.de/cert.pem)
  4. Paste the path to your private key within the privatekey tag.
    For the example from 2.1 would it be: /etc/letsencrypt/live/ts.teaspeak.de/privkey.pem)
  5. Restart/start your server and try to connect.
3. Troubleshooting "Failed to apply ICE" (Server console)
Along with TeaSpeak, you're already forced to install libnice.
But on some, mainly older LTS distributions this package is a little bit outdated.
Within the latest version was a breaking change which requires the newest version.
You should be easily able to install the newest working libnice dependency by executing the install_libnice.sh script.
After executing this script you should find a few new libraries within your libs directory.
Restart the server and everything should work then.

4. Summarization
For setting up the server with the web client you've to do the following things:
  • Open the WebRTC UDP port range
  • Open the TCP port for your virtual server
  • Register a valid SSL certificate
  • Ensure you're using the latest libnice version (>= 0.1.15)