how do you access the admin console after install?

i checked the docs but www.yourdomain/admin_console does not work. There is nothing there other than my original index html file that i did so the site would load originally. It does not appear that the software loaded anything inside of public_html. I just installed this on my host server. So where would be admin console be?

I did rerun the config to be sure i had all the links right and they seem correct now that i changed the kaltura location to hostname rather than my public_html domain name. However the admin_console does not show and i have port 80 open. hostname.sitename.com/admin_console does not work.

thanks

Hello,

$YOUR_DOMAIN/admin_console is correct.
What is the output for:
# apachectl -t -DDUMP_VHOSTS
?

And also of:
# ls -al /etc/httpd/conf.d

@jess

Hi here is the output,(edited for security), thanks

the webdomain is different from the sitename, the webdomain is the public_html domain and the
sitename is part of the full host name. The webdomain is not the same name as the host name in any way. I thought when i ran the config that it was asking me for the domain for the webfiles (when i thought this software included them) i was trying to find the config file to change that but i could not find it so i reran the config again and changed it to the full host name. No way to check to see if it changed as i cant find the config file.

apachectl -t -DDUMP_VHOSTS
[Tue Sep 13 09:46:11 2016] [warn] module php5_module is already loaded, skipping
VirtualHost configuration:
xxx.xxx.xxx.130:80 is a NameVirtualHost
default server titan.sitename.com (/etc/httpd/conf/httpd.conf:1040)
port 80 namevhost titan.sitename.com (/etc/httpd/conf/httpd.conf:1040)
xxx.xxx.xxx.130:443 titan.sitname.com (/etc/httpd/conf/httpd.conf:1053)
xxx.xxx.xxx.131:80 is a NameVirtualHost default server webdomain.com (/etc/httpd/conf/httpd.conf:1086)
port 80 namevhost webdomain.com (/etc/httpd/conf/httpd.conf:1086)
alias www.webdomain.com
alias webmail.webdomain.com
alias admin.webdomain.com
Syntax OK

The 131 ip address is the shared and the 130 ip address is the main server ip.

Lastnight while reading a different install process by someone else for debian (which i dont have, i just read it for reference) i noticed they have alot more steps so maybe i missed something. I followed this process

all the way down to the RED5 server and stopped.

Also here is your other output you ask for

ls -al /etc/httpd/conf.d
total 32
drwxr-xr-x 2 root root 4096 Sep 12 09:17 .
drwxr-xr-x 4 root root 4096 Sep 4 05:30 …
-rw-r–r-- 1 root root 674 Aug 11 14:36 php.conf
-rw-r–r-- 1 root root 392 Jul 18 09:24 README
-rw-r–r-- 1 root root 2604 Sep 11 21:03 ssl.conf
-rw-r–r-- 1 root root 352 Sep 9 2004 webalizer.conf
-rw-r–r-- 1 root root 302 Sep 4 05:46 welcome.conf
-rw-r–r-- 1 root root 304 Sep 4 04:07 welcome.conf.rpmsave

If you need to know the actual site names i can give them but in a private way. The server is not complete yet and i dont want the names public yet.

Thanks so much

Hello @durangod,

This is not the expected output. I do not see the Kaltura VHOST in it, which explains why you cannot reach the web interfaces.

Here is what it should look like:

port 80 namevhost your-host (/etc/httpd/conf.d/zzzkaltura.conf:1)

You can have multiple additional vhosts, but this should be one of them.
Under /etc/httpd/conf.d, you should have:

zzzkaltura.conf -> /opt/kaltura/app/configurations/apache/kaltura.conf

All this is done by the kaltura-front-config.sh, which is called from the kaltura-config-all.sh script.

I suggest you rerun /opt/kaltura/bin/kaltura-config-all.sh and post the full output here [you can mask your actual inputs, of course, the actual domain and email addrs do not matter, so long as the domain is resolvable from both inside the server and all machines/devices you intend to use to access the web I/F and play content from.

Thanks,

@jess

OK i reran the config and here is the full output start to finish

[root@titan ~]# /opt/kaltura/bin/kaltura-base-config.sh
kaltura-base-12.0.0-9.noarch
curl: (60) Peer certificate cannot be authenticated with known CA certificates
More details here: http://curl.haxx.se/docs/sslcerts.html

curl performs SSL certificate verification by default, using a “bundle”
of Certificate Authority (CA) public keys (CA certs). If the default
bundle file isn’t adequate, you can specify an alternate file
using the --cacert option.
If this HTTPS server uses a certificate signed by a CA represented in
the bundle, the certificate verification probably failed due to a
problem with the certificate (it might be expired, or the name might
not match the domain name in the URL).
If you’d like to turn off curl’s verification of the certificate, use
the -k (or --insecure) option.
Welcome to Kaltura Server 12.0.0 post install setup.

To keep up with the bi-weekly Kaltura releases, and stay up to date with
the latest news, security and bug updates, and connect with the global
Kaltura community - sign up for our regular Kaltura Community updates.
Please enter your email to sign up, or enter NO to pass.

In order to finalize the system configuration, please input the following:

CDN hostname [titan.sitename.com]:

The host will be accessed over http(s). In case your CDN operates on a non-default port, please input CDNHOST:PORT.

Apache virtual hostname [titan.sitename.com]
(Must be accessible from both inside the machine and from any clients / browsers that will use Kaltura):

Vhost port to listen on [80]:
DB hostname [127.0.0.1]:
range of ip addresses belonging to internal kaltura servers [0.0.0.0-255.255.255.255]:
The range is used when checking service actions permissions and allowing to access certain services without KS from the internal servers.
The default is only good for testing, on a production ENV you should adjust according to your network.
xxx.xxx.xxx.130-xxx.xxx.xxx.131
DB port [3306]:
MySQL super user [only for install, default root]:
MySQL super user passwd [only for install]:
Analytics DB hostname [127.0.0.1]:
Analytics DB port [3306]:
Sphinx hostname [127.0.0.1]:
Media Streaming Server host [titan.sitename.com]:
Secondary Sphinx hostname [leave empty if none]:
Your Kaltura Service URL [http://titan.sitename.com]
(Base URL where the Kaltura API and Apps will be accessed from - this would be your Load Balancer URL on a cluster or same as your virtual host in an all-in-one Kaltura server - Must be accessible from both inside the machine and from any clients / browsers that will use Kaltura):

VOD packager hostname [titan.sitename.com]:
VOD packager port to listen on [88]:
Kaltura Admin user (email address): admin@sitename.com
Admin user login password (must be minimum 8 chars and include at least one of each: upper-case, lower-case, number and a special character):
Confirm passwd:
Your time zone [see php.net/date.timezone], or press enter for [America/Denver]:
Your Kaltura install name (this name will show as the From field in emails sent by the system) [Kaltura Video Platform]:Titan Kaltura Platform
Your website Contact Us URL [http://corp.kaltura.com/company/contact-us]: http://sitename.com/contact-us
Your ‘Contact us’ phone number [+1 800 871 5224]:000 000 0000
Checking MySQL version…
mysql: [Warning] Using a password on the command line interface can be insecure.
Ver 5.7.15 found compatible
mysql: [Warning] Using a password on the command line interface can be insecure.

========================================================================================================================
Kaltura install answer file written to /tmp/kaltura_13_09_11_50.ans - Please save it!
This answers file can be used to silently-install re-install this machine or deploy other hosts in your cluster.

Configuration of 12.0.0 finished successfully!
curl: (60) Peer certificate cannot be authenticated with known CA certificates
More details here: curl.haxx.se/docs/sslcerts.html

curl performs SSL certificate verification by default, using a “bundle”
of Certificate Authority (CA) public keys (CA certs). If the default
bundle file isn’t adequate, you can specify an alternate file
using the --cacert option.
If this HTTPS server uses a certificate signed by a CA represented in
the bundle, the certificate verification probably failed due to a
problem with the certificate (it might be expired, or the name might
not match the domain name in the URL).
If you’d like to turn off curl’s verification of the certificate, use
the -k (or --insecure) option.
[root@titan ~]#

Thats all of it

Also here are all of my current virtual servers.

virtual.jpg898×445 69.8 KB

@durangod,

This is only the output of kaltura-base-config.sh.
The VHost config part happens in kaltura-front-config.sh. Like I said, please run kaltura-config-all.sh which calls all needed sub scripts.

OK sorry i did not notice it was a different command with the all in it… will do that directly

@jess

OK now im getting the extra questions.

What is the service url? is that the domain or the full host name? The website which will use things like the ffmpeg will be the domain, the host name is where kaltura is installed. Which one is the service url?

ok here are the extra questions and it failed…

It is recommended that you do work using HTTPs. Would you like to continue anyway?[N/y]
y
Which port will this Vhost listen on? [80]

Service URL [http://]:
http://titan.sitename.com

cp: cannot stat `/configurations/apache/conf.d/enabled.kaltura.conf.template’: No such file or directory

kaltura-front-config.sh FAILED with: 1 on line 239

SERVICE_URL is the domain or IP you intend to make a request to in order to reach your Kaltura webserver.
In your case, since it is an all in one install w/o a load balancer or several nodes, it is simply the IP or domain the machine you are installing on if configured with.

you will then make requests like http://this-domain/admin_console or http://this-domain/api_v3

@jess

OK so i did the right name for service, the full host name… But why did it fail… see previous post please

that file is actually in /opt/kaltura/app/configurations/apache/conf.d/

what’s the output for:
# ls -al /etc/kaltura.d/system.ini
?

@jess

-rw-r–r-- 1 root root 0 Sep 12 10:17 /etc/kaltura.d/system.ini

its empty, remember when i first installed this, it gave an error that it could not find this file so i just created one thinking it would overwrite it. This is the one i created.

You shouldn’t have done that… this link is created as part of the RPM’s postinst and once you run kaltura-base-config for the first time, /opt/kaltura/app/configurations/system.ini is created.

Anyhow, to correct it, run:
# ln -sf /opt/kaltura/app/configurations/system.ini /etc/kaltura.d/system.ini
and then rerun kaltura-config-all.sh and let’s see…

@jess

do i want 0 1 or 2 on the interfaces question? Install example shows 0

whats the password for after that?

Select 0.
Which password prompt are you asking about?

@jess

this one

kaltura-sphinx-2.2.1-19.x86_64
base-config completed successfully, if you ever want to re-configure your system (e.g. change DB hostname) run the following script:

rm /opt/kaltura/app/base-config.lock

/opt/kaltura/bin/kaltura-base-config.sh

curl: (60) Peer certificate cannot be authenticated with known CA certificates
More details here: http://curl.haxx.se/docs/sslcerts.html

curl performs SSL certificate verification by default, using a "bundle"
of Certificate Authority (CA) public keys (CA certs). If the default
bundle file isn’t adequate, you can specify an alternate file
using the --cacert option.
If this HTTPS server uses a certificate signed by a CA represented in
the bundle, the certificate verification probably failed due to a
problem with the certificate (it might be expired, or the name might
not match the domain name in the URL).
If you’d like to turn off curl’s verification of the certificate, use
the -k (or --insecure) option.

Starting monit: Starting Monit 5.18 daemon with http interface at [*]:2812
[ OK ]

curl: (60) Peer certificate cannot be authenticated with known CA certificates
More details here: http://curl.haxx.se/docs/sslcerts.html

curl performs SSL certificate verification by default, using a "bundle"
of Certificate Authority (CA) public keys (CA certs). If the default
bundle file isn’t adequate, you can specify an alternate file
using the --cacert option.
If this HTTPS server uses a certificate signed by a CA represented in
the bundle, the certificate verification probably failed due to a
problem with the certificate (it might be expired, or the name might
not match the domain name in the URL).
If you’d like to turn off curl’s verification of the certificate, use
the -k (or --insecure) option.

Enter password:

it must be the mysql password i think because it failed when i used a new password

Configuring your Kaltura DB…

curl: (60) Peer certificate cannot be authenticated with known CA certificates
More details here: curl.haxx.se/docs/sslcerts.html

curl performs SSL certificate verification by default, using a "bundle"
of Certificate Authority (CA) public keys (CA certs). If the default
bundle file isn’t adequate, you can specify an alternate file
using the --cacert option.
If this HTTPS server uses a certificate signed by a CA represented in
the bundle, the certificate verification probably failed due to a
problem with the certificate (it might be expired, or the name might
not match the domain name in the URL).
If you’d like to turn off curl’s verification of the certificate, use
the -k (or --insecure) option.

Checking MySQL version…
mysql: [Warning] Using a password on the command line interface can be insecure.
mysql: [ERROR] Unknown suffix ‘.’ used for variable ‘port’ (value ‘127.0.0.1’)
mysql: [ERROR] mysql: Error while setting value ‘127.0.0.1’ to ‘port’

kaltura-db-config.sh FAILED with: 9 on line 65

Archving logs to /opt/kaltura/log/log_13_09_16_13_51.tar.gz…
curl: (60) Peer certificate cannot be authenticated with known CA certificates
More details here: curl.haxx.se/docs/sslcerts.html

curl performs SSL certificate verification by default, using a "bundle"
of Certificate Authority (CA) public keys (CA certs). If the default
bundle file isn’t adequate, you can specify an alternate file
using the --cacert option.
If this HTTPS server uses a certificate signed by a CA represented in
the bundle, the certificate verification probably failed due to a
problem with the certificate (it might be expired, or the name might
not match the domain name in the URL).
If you’d like to turn off curl’s verification of the certificate, use
the -k (or --insecure) option.
ERROR: we failed on something else…

ill run the -sf code again on the system.ini file and then rerun this again and use the mysql password this time

oh ok i guess i dont need to run the ln -sf again do i, your just creating a link so it should still be linked right?

Also i just received an kaltura update, should i wait until this is done before installing that update?

nope same failure on the port even with the mysql password

i looked at that line of code, maybe i need to open 3306 in my firewall unless its open my default. But it should be ok as its all internal. What if i hardcoded it as 3306 in the sql statement

I have no idea where it was getting the localhost value in port from unless when i skip the input on the config that data is wrong as default. So added this code and commented out the original

check DB connectivity:

echo -e “${CYAN}Checking MySQL version…${NORMAL}”
#original code
#MYVER=echo "select version();" | mysql -h$MYSQL_HOST -u$MYSQL_SUPER_USER -p$MYSQL_SUPER_USER_PASSWD -P$MYSQL_PORT -N
#modified code by dave to fix port during install config
MYSQL_PORT='3306’
MYVER=echo "select version();" | mysql -h$MYSQL_HOST -u$MYSQL_SUPER_USER -p$MYSQL_SUPER_USER_PASSWD -P$MYSQL_PORT -N

That seems to have fixed that issue now it wont accept the main mysql password ill try it again and be 100% right that i have it correct. I have noticed that sometimes i use a feature and it does not accept the password but then i login into mysql and it does accept it, so not sure what that means. Could it be that the mysql password is not globally set, i set it with passwd command i think…

@jess

Yep i made 100% sure the pw was corrrect and same error

ERROR 1045 (28000): Access denied for user ‘root’@‘localhost’ (using password: YES)

doing some research to see what might be the deal on this one… lol we are soooo close

@jess

Here is what i have done with this… and what i have found (possible bugs)

First i totally uninstalled kaltura per the docs directions and then i reinstalled it using the ssl directions.

Then i went thru several online directions per topic and updated the system ssl as well as the copies in the /etc/ssl/certs and the /etc/pki/ as well as all the httpd and mysql my.cnf and also the curl directives and updated the cert. Everything looks good. However i am still getting the curl warning about the cert failed.
I originally thought this may have been a permissions issue as my cert files were 600 permissions but i changed them to 700 and same issue.

Just a note here, every time i redo the config i am entering all the values and not taking the default to be sure it has that value (or should have that value)

Then i re-edited the config file for mysql 5.7 to change the query to authentication_string

Then i ran the config all, still had the same issue with the localhost 127.0.0.1 being in the port field in the db config so i hardcoded the port in that file, that solved that issue

Then i had an issue with the root user failing password yes when it went to write the db files. So i hard coded the superuser name, superuserpassword in the db config file as such

FYI dont leave your pw in there after you install, if you have to rerun it then put your PW back then remove it again, dont leave it in the file. Also this file will be overwritten during an update.

#added by dave to fix port issue and user issue during config
MYSQL_PORT='3306’
MYSQL_SUPER_USER='root’
MYSQL_SUPER_USER_PASSWD='mypassword’
MYVER=echo "select version();" | mysql -h$MYSQL_HOST -u$MYSQL_SUPER_USER -p$MYSQL_SUPER_USER_PASSWD -P$MYSQL_PORT -N

After doing that then it actually created the tables, so it seems there may also be a bug somewhere between the user input and the end value of the vars on that line. Could be a sanitation or validation issue

So now i get a new error it says

Checking MySQL version…
mysql: [Warning] Using a password on the command line interface can be insecure.
Ver 5.7.15 found compatible
mysql: [Warning] Using a password on the command line interface can be insecure.
mysql: [Warning] Using a password on the command line interface can be insecure.
mysql: [Warning] Using a password on the command line interface can be insecure.

mysql: [Warning] Using a password on the command line interface can be insecure.
CREATE USER kaltura;
mysql: [Warning] Using a password on the command line interface can be insecure.
mysql: [Warning] Using a password on the command line interface can be insecure.
CREATE USER etl;
mysql: [Warning] Using a password on the command line interface can be insecure.
CREATE DATABASE kaltura;
mysql: [Warning] Using a password on the command line interface can be insecure.
mysql: [Warning] Using a password on the command line interface can be insecure.
mysql: [Warning] Using a password on the command line interface can be insecure.
mysql: [Warning] Using a password on the command line interface can be insecure.
CREATE DATABASE kaltura_sphinx_log;
mysql: [Warning] Using a password on the command line interface can be insecure.
mysql: [Warning] Using a password on the command line interface can be insecure.
mysql: [Warning] Using a password on the command line interface can be insecure.
CREATE DATABASE kalturadw;
mysql: [Warning] Using a password on the command line interface can be insecure.
mysql: [Warning] Using a password on the command line interface can be insecure.
CREATE DATABASE kalturadw_ds;
mysql: [Warning] Using a password on the command line interface can be insecure.
mysql: [Warning] Using a password on the command line interface can be insecure.
CREATE DATABASE kalturadw_bisources;
mysql: [Warning] Using a password on the command line interface can be insecure.
mysql: [Warning] Using a password on the command line interface can be insecure.
CREATE DATABASE kalturalog;
mysql: [Warning] Using a password on the command line interface can be insecure.
mysql: [Warning] Using a password on the command line interface can be insecure.
mysql: [Warning] Using a password on the command line interface can be insecure.
Checking connectivity to needed daemons…
Connectivity test passed:)
ERROR: Couldn’t make an API request to https://titan.example.com/api_v3/index.php?service=system&action=ping.
Please check your setup and then run /opt/kaltura/bin/kaltura-db-config.sh again.

Do you wish to remove the Kaltura DBs? [n/Y]
Hit ‘n’ to keep it for debugging purposes.

Y
This will drop the following DBs:
kaltura kaltura_sphinx_log kalturadw kalturadw_ds kalturadw_bisources kalturalog
and remove users:
kaltura etl
on 127.0.0.1

NOTE: this is not reversible.
It is recommended you also back up the current data using mysqldump before continuing.
You can use /opt/kaltura/bin/kaltura-export-db.sh to export the data.

Are you absolutely certain you want this? [n/Y]

Y
root DB passwd:
mysql: [Warning] Using a password on the command line interface can be insecure.
mysql: [Warning] Using a password on the command line interface can be insecure.
Removing kaltura…mysql: [Warning] Using a password on the command line interface can be insecure.
Removing kaltura_sphinx_log…mysql: [Warning] Using a password on the command line interface can be insecure.
Removing kalturadw…mysql: [Warning] Using a password on the command line interface can be insecure.
Removing kalturadw_ds…mysql: [Warning] Using a password on the command line interface can be insecure.
Removing kalturadw_bisources…mysql: [Warning] Using a password on the command line interface can be insecure.
Removing kalturalog…mysql: [Warning] Using a password on the command line interface can be insecure.
ERROR: we failed on something else…

Have not yet found the solution for this one…

OK found this so it gives me an idea what i need (fyi this link really needs to be front and center on the website and not hidden in some search related doc) It would really help new people understand what this is if this was right there on the front page, and answer alot of questions before hand.

https://knowledge.kaltura.com/kaltura-video-platform-architecture-overview

So i appears im missing the first layer outside of the core - the API - so how do i get the API is the next question.

It apprears they want us to use the API test console to generate code but that link is not valid.
http://www.kaltura.com/api_v3/testme/index.php 404 now found