WebRTC-enabled FreeSWITCH uses DTLS-SRTP . For this reason it needs to generate a fingerprint, which requires a certificate. While you can find here [1] hints on how to generate a certificate, it may be useful to know that FreeSWITCH expects the certificate to be located in: /etc/freeswitch/tls/dtls-srtp.crt I inferred this from the source code rather than finding it documented somewhere, so this may save the reader some time. (But feel free to comment and point to a related documentation). And if you generate a pem file, you can retrieve the required .crt by copying from the .pem just the certificate part. [1] http://wiki.freeswitch.org/wiki/SIP_TLS#Configuration - Note: this document refers to the generation of certificates to enable TLS, rather than DTLS. Don't get confused by references to SIP encryption, and simply focus on the certificate generation.