Skip to main content

Blogger Blog Readers Unable To Comment, Using OpenID Accounts Hosted By WordPress

We're seeing a scattered collection of reports, mentioning problems publishing comments, using OpenID authentication.

This problem appears to be related to the Blogger rollout of SSL support, for our blogs, which is currently in progress. SSL, or Secure Socket Layer, represents the next step in blog / website security - a step which the Internet community has been taking, for many years.

Blogger has been using SSL (aka "HTTPS" login), in their dashboard, for several years.
That's a secure Blogger login. The problem with Blogger using SSL in our blogs is that moving to SSL requires care, to avoid confusing our readers. Lack of care will subject our readers to the well known "mixed mode" warnings.
This site has insecure content.
Only secure content is displayed.
Firefox has blocked content that isn't secure.
These are several examples of what were normal, years ago, on many websites. Blogger does not want our readers subject to needless confusion, from these warnings.

Blogger blog owners have been asking, for years, that Blogger support SSL in BlogSpot (and our custom domains).

FaceBook upgraded to SSL, in 2013 - and saw problems with Blogger content.

Last year, FaceBook upgraded to SSL. Blogger blog owners, who were also FaceBook members, watched their Walls, which contained HTTP links to their Blogger blogs, show the "mixed mode" warnings.
The real issues begin to arise, however, when your application must include assets served by servers which also do not support SSL.
We’ve all experienced “mixed mode” warnings, with some browsers being much more annoying about them than others. "Mixed mode" means you requested a page over SSL, but some of the resources needed to fully render that page are only available over unencrypted HTTP.

Blogger is offering the option for us to upgrade our blogs, this year.

Now, Blogger is upgrading, so our blogs may (optionally) support the SSL protocol - and not confuse FaceBook members, who post links to our blogs. To avoid the "mixed mode" warnings, which would confuse our readers, they are upgrading all Blogger processes, including OpenID authentication, to support SSL.

The Blogger upgrade has exposed a WordPress inconsistency.

Just as FaceBook upgrading to SSL helped to cause Blogger to upgrade, so is Blogger upgrading to SSL exposing an inconsistency in WordPress use of SSL, for OpenID authentication.
The problem in my case (and maybe in others as well) seems to be that is send for verification to the OpenId server. This is what I could figure out from the URL. If you than manually replace HTTPS with HTTP, it works.
This comment suggests that WordPress, which in general is using SSL security, has an OpenID server that has not been upgraded.

WordPress needs to check their OpenID servers.

So now, Blogger has to wait for WordPress to fall into step, consistently. Until WordPress upgrades their OpenID server, people who want to use a WordPress OpenID account, to comment on our blogs, will have to select "OpenID", instead of "WordPress" - then enter the WordPress OpenID URL, as
And wait for WordPress to upgrade their server.


Popular posts from this blog

Adding A Link To Your Blog Post

Occasionally, you see a very odd, cryptic complaint I just added a link in my blog, but the link vanished! No, it wasn't your imagination.

What's The URL Of My Blog?

We see the plea for help, periodically I need the URL of my blog, so I can give it to my friends. Help! Who's buried in Grant's Tomb, after all? No Chuck, be polite. OK, OK. The title of this blog is "The Real Blogger Status", and the title of this post is "What's The URL Of My Blog?".

Add A Custom Redirect, If You Change A Post URL

When you rename a blog, the most that you can do, to keep the old URL useful, is to setup a stub post , with a clickable link to the new URL. Yo! The blog is now at!! Blogger forbids gateway blogs, and similar blog to blog redirections . When you rename a post, you can setup a custom redirect - and automatically redirect your readers to the post, under its new URL. You should take advantage of this option, if you change a post URL.