After updating to 13.20 (from a much older version using progressive download), I’ve run into some trouble with the nginx configuration. My test server doesn’t use HTTPs, so it went well there, but something appears to be wrong on my production server.
When I first ran the config script, I had both the VOD_PACKAGER_PORT and VOD_PACKAGER_SSL_PORT set to 88. I did try re-running the config with the SSL PORT set to 8443.
I did find the delivery profile table (taken from the instructions) and manually switched the url to use 8443 instead of 88. Ports 88 and 8443 are both open.
My nginx error log looks like this:
2018/06/06 14:59:14 [error] 13520#13520: *1 SSL_do_handshake() failed (SSL: error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol) while SSL handshaking to upstream, client: [ip removed], server: servername, request: “GET /hls/p/100/sp/10000/serveFlavor/entryId/0_ss5ctjeb/v/2/flavorId/0_3lpnwekh/name/a.mp4/index.m3u8 HTTP/1.1”, subrequest: “/kalapi_proxy/hls/p/100/sp/10000/serveFlavor/entryId/0_ss5ctjeb/v/2/flavorId/0_3lpnwekh/name/a.mp4”, upstream: “https://127.0.0.1:80/hls/p/100/sp/10000/serveFlavor/entryId/0_ss5ctjeb/v/2/flavorId/0_3lpnwekh/name/a.mp4?pathOnly=1”, host: “servername:8443”, referrer: “https://servername/index.php/extwidget/preview/partner_id/100/uiconf_id/23448445/entry_id/0_ss5ctjeb/embed/auto?&flashvars[streamerType]=auto”
2018/06/06 14:59:14 [error] 13520#13520: *1 open() “/etc/nginx/html/50x.html” failed (2: No such file or directory), client: [ip removed], server: servername, request: “GET /hls/p/100/sp/10000/serveFlavor/entryId/0_ss5ctjeb/v/2/flavorId/0_3lpnwekh/name/a.mp4/index.m3u8 HTTP/1.1”, host: “servername:8443”, referrer: “https://servername/index.php/extwidget/preview/partner_id/100/uiconf_id/23448445/entry_id/0_ss5ctjeb/embed/auto?&flashvars[streamerType]=auto”
In the browser when I try to play, I get an error that references the Access-Control-Allow-Origin header:
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://servername:8443/hls/p/100/sp/10000/serveFlavor/entryId/0_um16sz7y/v/12/flavorId/0_w9x78t15/name/a.mp4/index.m3u8. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing).
(I’ve blocked out the requesting IP and server IP, but they do show up correctly)
I found mention of adding this to kaltura.conf in another thread, but it seemed to be the non-SSL config. I wasn’t sure if I needed to add it (or where to add it) for an SSL config. I’m happy to provide any of the config files. In the other threads I’ve found, they look to be the same (as well as the delivery profiles table).
Thanks for your help!