Commercial SSL certificates in general and wildcard certificates in particular are getting more expensive by the day.
And we never bothered to go through the OpenSource project checks that some certificates dealers offer.
But now there's a new player on the field, Let's Encrypt, a community project backed by some of the bigger Internet players.
Let's Encrypt just opened the beta phase to the public a few days ago, so it's time for Clazzes.org to join in.
Due to ....
- Let's Encrypt's restrictions (no wildcards, only 5 certs per domain per 7 days)
- fear of using "alternate name" certificates
- fear of cutting of apt-get, yum, mvn, ...
... we started with the following https sites:
Please feel free to report any related certificate problems you might encounter to admin at iteg dot at.
We just migrated clazzes.org to a larger DC with better connectivity.
Sory for any migration inconveniences.
Why, Debian, why?
Last weekend I updated the SSL certificate used for all VirtualHosts on Clazzes.org, like this very site, and https://deb.clazzes.org and some others.
Therefore, Tools like
curl refuse to download GPG keys, packages, or other stuff from Clazzes.org with https, unless special options like
--no-check-certificate are used.
We are already thinking about providing updated
ca-certificates packages for
old-stable versions like
squeeze and I just entered the bug discussion.
It was only a matter of time ...
Due to content spamming we were forced to turn off self registration, sorry.
We don't want to discourage contributors, though. Anyone interested in an account please drop an E-Mail to admin at clazzes dot org, or DM us on Twitter: @ClazzesOrg.
IPv6 has reached Clazzes.org and we are now running in dual stack mode, offering services over IPv4 and the "new" IPv6!
Current Server Status: IPv6 up and running
Two days ago our housing provider offered us to participate in the "friendly user phase" for there ongoing IPv6 introduction.
Technically this means:
- We have been assigned an official global IPv6 subnet
- We have full IPv6 connectivity
- We should get the according reverse lookup zone assigned to use soon
- But IPv6 operation is not yet part of the SLA, and in case of major connectivity problems IPv4 gets repaired first
Client Applications Status: Tweaking may be required
IPv6 is not that new and there are regions and internet access providers without IPv4 addresses.
Therefore the majority of applications has good dual stack support now: When a server has IPv4 and IPv6 addresses, connections over both channels are attempted, either concurrently (faster one wins) or one after the other. This should allow pretty much all applications to connect to the server, even if the IPv6 setup or connectivity is broken somehow.
If an application fails to connect nevertheless, or if the attempt-both-approach just costs too much time, it is usually possible to tweak the application behaviour. For some details, feel free to read our according KnowHow arcticle on HowTo invite applications to prefer IPv4 or IPv6.
GTK confusion in Eclipse 4.4
Atlassian promises major search enhancements for Confluence 5.2, therefore just upgraded confluence.clazzes.org.
Jira got a minor update, to 6.0.6
It's been on my wishlist for over a decade.
Now we have a solution for one common application architecture: SDS (SQL Directory Service) is released as 1.0.0.
If a 3-tier web app uses a Web 2.0+ client (Capable of using DOJO 1.8), an OSGi container (like Apache Karaf) and a SQL database, SDS provides a stand-alone user (and groups) database and a web interface or maintaining users and groups, which can be used by applications easily facilitating our DomainPasswordLoginService concept.
SDS_ prefix for it's tables' names allows it to co-exist with the application's tables in a single database.
Together with the multi-auth-backend dispatcher org.clazzes.login.broker it is just as easy to combine sources of authentication: Normal end users might authenticate against LDAP backends like ADS, while other programs (like cronjobs updating a web site) may authenticate towards the SDS tables which may be easier to manage by the application's managers and do not eat up resources and licenses in the ADS infrastructure.
Open source projects should be somewhat "social", therefore Clazzes.org has joined Twitter, as @ClazzesOrg
As of yesterday the clazzes.org server has been upgrade from Debian 6 squeeze to Debian 7 wheezy.
Special my.ini settings which had been required by former Confluence versions but are incompatible with MySQL 5.5 caused minor problems, therefore Jira and Confluence have been unusable a bit longer than expected ;-(
We apologize for any inconvenience.
Confluence 5.0.x has a bug making the edtior close to unusuable in Google Chrome 27, which was named stable today.
Therefore we just upgraded clazzes.org to Confluence 5.1.3 which solves the problem right away.
Due to a weird problem of the confluence installer (net not found in java library path), and after good results from upgrading Java on other hosts, I also upgraded Java to 1.7.
Using the momentum, Jira was upgraded too and is now at 6.0.
Unfortunately an OpenSource nightmare scenario has hit FTPSync with 1.3.07: It uploads files even in download mode.
I have fixed the bug #38906 with git commit 65c0a4fed73b719352e5fa00096a4081d9cc3a63, but I actually recommend to use the re-released ftpsync-1.3.06-0.tar.bz2.
Thank You Atlassian
Last weekend I added links from Confluence to svn and Jira, and from Jira to Confluence.
Furthermore we installed the free Jira-SVN-Plugin so we Jira can now automatically refer from issues to svn commits with comments containing the issue key. Nice.