We're updating the issue view to help you get more done. 

Embedded RSS/community links need to be updated for new (SSL) locations

Description

The embedded RSS feed URLs and other Ignite site links that are enbedded with the Openfire admin console need to be updated to reflect recent changes in the Ignite web site. Specifically, the site is now configured to use SSL, so all links should be updated to https:// equivalents.

http://www.igniterealtime.org/community/blogs/ignite/feeds/posts
http://www.igniterealtime.org/community/community/feeds/messages?community=2017

Environment

None

Acceptance Test - Entry

None

Activity

Show:
LG
October 19, 2014, 6:49 AM

+1 REMOVE the RSS links code form the Admin Console.

Guus der Kinderen
April 17, 2015, 1:57 PM

Removing the feed won't fix the problem for existing installs. We should prefer a solution that is backwards compatible. Additionally, that feed is somewhat useful to make admins aware of new releases.

wroot
April 17, 2015, 8:34 PM

Admin Console is still showing an info box about a new version available (as well as sending a message to admin account, though nobody probably is logging to a client with it). Also these links doesn't just show an info about the new releases, but general news/blog posts. A good admin would have other means to find out about new versions and won't be hurrying to install new version right away anyway. And he may still have to wait for a new package to show up in his linux distro repository. I just don't see much value in this. Countered by a distraction and.. they just look out of place on the Admin Console page.

Existing installations has an option to disable the rss. A few times a problem of logging into Admin Console appeared, nobody complained about not having these links anymore, they were glad Admin Console worked again.

Whissi
November 22, 2015, 1:32 AM

FYI: The problem is, that https://community.igniterealtime.org/ configuration is invalid. The host is using a certificate signed by a sub ca (GeoTrust SSL CA - G3) but the server only sends the certificate.

Because the truststore shipped with OpenFire only contains the root ca (GeoTrust Global CA, aka "geotrustglobalca" alias in keyfile) JAVA fails to validate the certificate (if you ask why it is working in your browser: Firefox for example explicitly added the sub ca to their truststore, too).

So how can this be fixed? The admin of community.igniterealtime.org should fix the configuration to include the sub-ca (either use a directive like "SSLCertificateChainFile" of your webserver or concatenate the cert with the cert of the sub ca (echo cert.pem sub-ca.pem > cert_used_by_webserver.pem). Then the error will go away because now JAVA is able to validate the chain using the included root ca.

If you cannot fix your site just add the sub ca to the truststore shipped with OpenFire in the next release.

Guus der Kinderen
December 14, 2015, 11:01 AM

The RSS feed is fixed in 4.0.0-Beta-1.

The original stack trace included references to ClearSpace. ClearSpace support was dropped (). I am assuming that CSH's work fixed the RSS feed problem as a by-product.

Assignee

Guus der Kinderen

Reporter

Tom Evans

Labels

None

Expected Effort

None

Ignite Forum URL

None

Fix versions

Affects versions

Priority

Major
Configure