2014-10-17 11:02:06 [2013765606] [ErrorController->errorAction] ERR: exception ‘Kaltura_Client_ClientException’ with message ‘Problem with the SSL CA cert (path? access rights?). RC : 0’ in /opt/kaltura/app/admin_console/lib/Kaltura/Client/ClientBase.php:239
Stack trace:
Looks like related to the SSL, for now since this is a dev environment
Another way was to disable the SSL check inside /opt/kaltura/app/configurations/admin.ini, by removing the ; comment on this line :;settings.clientConfig.verifySSL = false
But would like to find a solution I can use on a live environment.
Does the kaltura xymon service needs access to the same certs as well?
Even though it runs fine in Firefox, Chrome will only display like a quarter of the page. I’m guessing that is due to when it runs into unsecure content.
Is your cert self signed? If so, then some functionality will not work in some browswers, depending on securiy policy.
You can get a properly signed cert for free here: http://cert.startcom.org/
See:
For more info.
Depending on the kind of cert you use, you may need to set SSLCACertificateFile or SSLCertificateChainFile directives in /opt/kaltura/app/configurations/apache/kaltura.ssl.conf
Getting back to this today. Verified SSL was working fine then did a complete database and kaltura re-install. Still getting:
15:48:40 [243676761] [ErrorController->errorAction] ERR: exception ‘Kaltura_Client_ClientException’ with message ‘Problem with the SSL CA cert (path? access rights?). RC : 0’ in /opt/kaltura/app/admin_console/lib/Kaltura/Client/ClientBase.php:239
Stack trace:
About to connect() to kaltura.willamette.edu port 443 (#0)
Trying 127.0.0.1… connected
Connected to kaltura.willamette.edu (127.0.0.1) port 443 (#0)
Initializing NSS with certpath: sql:/etc/pki/nssdb
CAfile: /etc/pki/tls/certs/ca-bundle.crt
CApath: none
SSL connection using TLS_DHE_RSA_WITH_AES_128_CBC_SHA
Server certificate:
subject: CN=kaltura.willamette.edu,O=Willamette University,STREET=900 State Street,L=Salem,ST=OR,postalCode=97301,C=US
start date: Oct 14 00:00:00 2014 GMT
expire date: Oct 13 23:59:59 2017 GMT
common name: kaltura.willamette.edu
issuer: CN=InCommon RSA Server CA,OU=InCommon,O=Internet2,L=Ann Arbor,ST=MI,C=US
You can disable the CURL check by editing:
/opt/kaltura/app/configurations/admin.ini
set:
settings.clientConfig.verifySSL=false
Then admin console will work for you as the verification of the cert will be skipped.
And everything loads fine.