Migrating of web resources to SSL

Hi all,

I would like to proceed with migrating our igniterealtime web resources to SSL protected. Jive will kindly purchase a cert for this effort. The most noticable change will be changes in URIs, like so:

http://issues.igniterealtime.org -> https://igniterealtime.org/issues/

http://bamboo.igniterealtime.org -> https://igniterealtime.org/bamboo/

…etc…

Of course, apache rewrite rules will be in place to make this ‘transparent’ and hopefully keep all links working going forward.

Anybody have concerns about this?

daryl

Just a comment… I’m personally OK if the main website remains available via HTTP and we add HTTPS to it, so it would be available at both http or https. All the other resources (issues, bamboo, etc) would be secure as Daryl shows.

community.igniterealtime.org will NOT relocate to igniterealtime/community as I’m slowly but surely taking the steps needed to migrate it to the newere Jive Cloud platform.

is there a downside to serving everything over SSL?

+1

No big downsides I can think of, except that there’s no need for it on a anonymous, read-only website.

well, i guess one could argue the forums aren’t anonymous and should be protected. at a glance, it appears the login for the forums is also being done over plain http.

We will be securing the forums as well, just not relocating the resource from community.ignite -> ignite/community.

community.igniterealtime.org: robots.txt only for ssl should be created and disallow indexing content.

PS: Don’t do it, with OpenSSL we might be affected by Heartbleed. Plaintext login seems to be more secure

Good news!

https://community.igniterealtime.org is now SSL ( you may have noticed ).

https://igniterealtime.org/ is now SSL enabled, too. Daryl is working on moving other service to sub URI’s.

https://igniterealtime.org/issues/ should now be working. Please let me know of any troubles, old URLs should automagically be forwarded…

https://community.igniterealtime.org/robots.txt and https://community.igniterealtime.org/sitemap/sitemap.xml do no longer exist. I’ll look at it on Friday unless you have an idea how to fix it.

Fixed… though, I’m not sure if we get to keep these custom files in the new environment.

Heads-up … looks like we have an issue with the new SSL certificate for community.igniterealtime.org: https://community.igniterealtime.org/message/239053#239053

Daryl Herzmann wrote:

https://igniterealtime.org/issues/ should now be working. Please let me know of any troubles, old URLs should automagically be forwarded…

JIRA linking is not working anymore. I have tried putting the new main URL here https://community.igniterealtime.org/admin/edit-render-filter!input.jspa?filterN ame=JIRAFilter

But it does nothing. Or maybe it needs time to propagate.

Also Bamboo has problems with automatic builds.

I see that JIRA links are now work in the forums. But i see error in JIRA:

Couldn’t read data from Ignite Realtime Bamboo. Learn about this issue or go to application links to fix it.

I think I have refreshed the config and it is okay now?

Still see the same error here OF-709

I have raised this issue with Contegix for their help.

Ok. I now see builds. But just numbers. If i click on it, it asks to authenticate, but it never does. I have a user in Bamboo (i think it’s the same from JIRa, linked with Bamboo).

But i still see error instead of commits info. It asks me to authenticate with Fisheye when i go to dashboard and i don’t have a user in Fisheye. Maybe that’s the cause of this error. Though it was at least showing number of commits before.