Recently I needed to set up SSL in my development environment in order to debug an issue. I needed to make sure that 

• Tomcat could serve SSL content properly
• As an Http client, the JVM could accept a self-signed (untrusted) certificate. If you've ever come across a website that asked you if you want to accept an untrusted certificate, this is basically the same thing, but there's no UI to import certificates into the JVM.  

While this sounds simple to do, there's a lot of scattered information on the web about setting this up and nothing that matched the exact use case that I needed.

1. Create a self-signed certificate using keytool. The following command generates a certificate keystore with one self-signed certificate inside it with filename keystore. I used the password "changeit", but you can use whatever you want. Just make sure the Tomcat configuration uses the same. 

   keytool -genkey -alias tomcat -keyalg RSA -keystore keystore 

2. Configure Tomcat to use the certificate / keystore that we just generated. This tells Tomcat to send the certificate whenever you access the server @ https://host:8443. In server.xml look for the SSL connector:

   <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
       maxThreads="150" scheme="https" secure="true"
       clientAuth="false" sslProtocol="TLS" 
       keystoreFile="/Users/myoung/projects/portal/trunk/tomcat/keystore" 
       keystorePass="changeit" />
    

3. Import the certificate into the JVM's keystore. This tells the JVM that this is a "trusted" certificate so that when Liferay makes https requests to Tomcat it will proceed without errors
   • Export the key from the keystore you generated in step 1. This extracts the certificate so that you can import it into the JVM's store

     keytool -export -alias tomcat -keypass changeit  -file server.crt -keystore keystore

   • Import the cert into the JVM. "cacerts" is the filename of the JVM keystore. The path will be different on Windows (should be in %JAVA_HOME%/jre/lib/security/cacerts).

     keytool -import -alias tomcat -file server.crt -keypass changeit -keystore /System/Library/Java/Support/Deploy.bundle/Contents/Home/lib/security/cacerts

4. Check to see that the certificate was properly imported.

   keytool -list -keypass changeit -keystore /System/Library/Java/Support/Deploy.bundle/Contents/Home/lib/security/cacerts

 In an earlier post I demonstrated how to add OpenSocial Gadgets as first-class citizens within Liferay. In this post I'd like to show you how  we have created a custom preferences UI.

This sample gadget has three preferences: pref1, pref2, and pref3.

<?xml version="1.0" encoding="UTF-8" ?>

<Module>

<ModulePrefs title="Multiple SetPref - Iframe">

  <Require feature="setprefs"/>

</ModulePrefs>

<UserPref name="pref1"

          datatype="string"

          default_value="0" />

<UserPref name="pref2"

          datatype="string"

          default_value="0" />

<UserPref name="pref3"

          datatype="string"

          default_value="0" />

<Content type="html">

...

</Content>

</Module>

To access our custom preference UI, go to "Configuration" :

 Liferay 6 will feature an OpenSocial container based on Shindig. OpenSocial Gadgets present as first-class citizens via the "Add Application" menu, just like portlets.

To configure a Gadget in Liferay, all you need is the Gadget URL. In the screenshots below I've configured three gadgets:

1. http://www.labpixies.com/campaigns/todo/todo.xml
2. http://www.google.com/ig/modules/horoscope.xml
3. http://localhost:8080/opensocial-portlet/gadgets/files/samplecontainer/examples/SocialHelloWorld.xml (this is a sample Shindig gadget)

Back in Nov 2008 we migrated SVN servers for committers. We pushed our commits to the Sourceforge SVN server on a regular basis, and that worked well for some time. Recently we discovered that large commits could not be synced and we've had an outdated Sourceforge repository for a couple weeks.

Now that our new SVN servers are quite stable and we've completed the migration for all committers, we've opened anonymous read access for everyone.

To migrate your local source code to the new servers, simply issue a relocate command, like this:

svn switch --relocate https://lportal.svn.sourceforge.net/svnroot/lportal svn://svn.liferay.com/repos/public

or

svn switch --relocate https://lportal.svn.sourceforge.net/svnroot/lportal http://svn.liferay.com/repos/public

One of the benefits of having our own dedicated SVN servers is that we have been able to set up a Fisheye server at http://svn.liferay.com. We tried to set up Fisheye against our Sourceforge.net servers, but because of the size of our repository and remote connection we could never get the initial index to complete.

We've also set up the Fisheye plugin for JIRA so that you can view the changelog associated with every issue.

A big thank you to Atlassian for granting us open source licenses.