Skip to main content

Blogger Blog Readers Unable To Comment, Using OpenID Accounts Hosted By WordPress

We're seeing a scattered collection of reports, mentioning problems publishing comments, using OpenID authentication.

This problem appears to be related to the Blogger rollout of SSL support, for our blogs, which is currently in progress. SSL, or Secure Socket Layer, represents the next step in blog / website security - a step which the Internet community has been taking, for many years.

Blogger has been using SSL (aka "HTTPS" login), in their dashboard, for several years.
That's a secure Blogger login. The problem with Blogger using SSL in our blogs is that moving to SSL requires care, to avoid confusing our readers. Lack of care will subject our readers to the well known "mixed mode" warnings.
This site has insecure content.
Only secure content is displayed.
Firefox has blocked content that isn't secure.
These are several examples of what were normal, years ago, on many websites. Blogger does not want our readers subject to needless confusion, from these warnings.

Blogger blog owners have been asking, for years, that Blogger support SSL in BlogSpot (and our custom domains).

FaceBook upgraded to SSL, in 2013 - and saw problems with Blogger content.

Last year, FaceBook upgraded to SSL. Blogger blog owners, who were also FaceBook members, watched their Walls, which contained HTTP links to their Blogger blogs, show the "mixed mode" warnings.
The real issues begin to arise, however, when your application must include assets served by servers which also do not support SSL.
We’ve all experienced “mixed mode” warnings, with some browsers being much more annoying about them than others. "Mixed mode" means you requested a page over SSL, but some of the resources needed to fully render that page are only available over unencrypted HTTP.

Blogger is offering the option for us to upgrade our blogs, this year.

Now, Blogger is upgrading, so our blogs may (optionally) support the SSL protocol - and not confuse FaceBook members, who post links to our blogs. To avoid the "mixed mode" warnings, which would confuse our readers, they are upgrading all Blogger processes, including OpenID authentication, to support SSL.

The Blogger upgrade has exposed a WordPress inconsistency.

Just as FaceBook upgrading to SSL helped to cause Blogger to upgrade, so is Blogger upgrading to SSL exposing an inconsistency in WordPress use of SSL, for OpenID authentication.
The problem in my case (and maybe in others as well) seems to be that is send for verification to the OpenId server. This is what I could figure out from the URL. If you than manually replace HTTPS with HTTP, it works.
This comment suggests that WordPress, which in general is using SSL security, has an OpenID server that has not been upgraded.

WordPress needs to check their OpenID servers.

So now, Blogger has to wait for WordPress to fall into step, consistently. Until WordPress upgrades their OpenID server, people who want to use a WordPress OpenID account, to comment on our blogs, will have to select "OpenID", instead of "WordPress" - then enter the WordPress OpenID URL, as
And wait for WordPress to upgrade their server.


Popular posts from this blog

Stats Components Are Significant, In Their Own Context

One popular Stats related accessory, which displays pageview information to the public, is the "Popular Posts" gadget.

Popular Posts identifies from 1 to 10 of the most popular posts in the blog, by comparing Stats pageview counts. Optional parts of the display of each post are a snippet of text, and an ever popular thumbnail photo.

Like many Stats features, blog owners have found imaginative uses for "Popular Posts" - and overlook the limitations of the gadget. Both the dynamic nature of Stats, and the timing of the various pageview count recalculations, create confusion, when Popular Posts is examined.

Free Domain Registration By "UNONIC" Is Fraudulent

Blogger blog owners, like everybody else, like to save money.

Some blog owners prefer to save money when registering a custom domain, for their blogs. We've seen several free domain registration services, providing what is claimed to be a two level Top Level Domain "co.xx" (where "xx" == various country codes).

The latest in this ongoing story appears to be "" - and 13 other "top level domains".There is also an additional free service offering third-level .tf domains, under the name United Names Organisation. They occupy 14 second-level domains, including,,, and They are run by the same company as, and are given away as URL redirections.