• ZOHO integration in Community Edition 6.3.0

  • OpenKM has many interesting features, but requires some configuration process to show its full potential.
OpenKM has many interesting features, but requires some configuration process to show its full potential.
Forum rules: Please, before asking something see the documentation wiki or use the search feature of the forum. And remember we don't have a crystal ball or mental readers, so if you post about an issue tell us which OpenKM are you using and also the browser and operating system version. For more info read How to Report Bugs Effectively.
 #28784  by Catscratch
 
Ok guys. I found the problem.

To use ZOHO integration you have to configure your server to deliver the whole certificate chain by itself, because the ZOHO client does not look for the chain. In my case I reconfigured APR in tomcat to deliver the ca chain separatly to the server certificate.

It looks like this:
Code: Select all
    <!-- Define a SSL HTTP/1.1 Connector on port 8443
         This connector uses the JSSE configuration, when using APR, the
         connector should be using the OpenSSL style configuration
         described in the APR documentation -->
    
    <Connector port="8443" address="0.0.0.0" protocol="HTTP/1.1" SSLEnabled="true"
               maxThreads="150" scheme="https" secure="true" acceptCount="100"
			   enableLookups="false" clientAuth="true" sslProtocol="SSLv3"
			   SSLCipherSuite="ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:!LOW:!SSLv2:!EXPORT"
			   SSLCertificateFile="/home/openkm/tomcat-7.0.27/cert/serverpublic.pem"
			   SSLCertificateKeyFile="/home/openkm/tomcat-7.0.27/cert/serverprivate.pem"
			   SSLCertificateChainFile="/home/openkm/tomcat-7.0.27/cert/serverpublicchain.pem"
			   allowUnsafeLegacyRenegotiation="false"
			   />
Now ZOHO integration is working!
Last edited by Catscratch on Mon Jun 02, 2014 7:15 am, edited 1 time in total.
 #28891  by jllort
 
I think is not possible, by default zoho always do a call to port 80. You should not expose tomcat port 8080, you should always configure apache reverse proxy as is described here http://wiki.openkm.com/index.php/Apache. With it you solve two problems, zoho and security issues.
 #28898  by Catscratch
 
You can also simply use iptables to reroute your traffic from 80 to 8080. I'm doing this for 443 to 8443. Than you don't have to change anything in your running system configuration.

Rule looks like this:
-A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080

But as i mentioned, I think the port is not the problem for ZOHO. It's the IP.
 #28915  by jllort
 
Are both things. Zoho only work with port 80 and need accessing public internet IP ( alhought internally you configure NAT or similar ), but from zoho view you need accesible internet url across port 80

About Us

OpenKM is part of the management software. A management software is a program that facilitates the accomplishment of administrative tasks. OpenKM is a document management system that allows you to manage business content and workflow in a more efficient way. Document managers guarantee data protection by establishing information security for business content.