Open Source Document Management System | OpenKM

Because information matters
https://forum.openkm.com/

ZOHO integration in Community Edition 6.3.0

https://forum.openkm.com/viewtopic.php?t=12291

Page 2 of 2

Re: ZOHO integration in Community Edition 6.3.0

PostPosted:Fri May 30, 2014 8:37 am
by Catscratch
Ok guys. I found the problem.

To use ZOHO integration you have to configure your server to deliver the whole certificate chain by itself, because the ZOHO client does not look for the chain. In my case I reconfigured APR in tomcat to deliver the ca chain separatly to the server certificate.

It looks like this:
Code: Select all
    <!-- Define a SSL HTTP/1.1 Connector on port 8443
         This connector uses the JSSE configuration, when using APR, the
         connector should be using the OpenSSL style configuration
         described in the APR documentation -->
    
    <Connector port="8443" address="0.0.0.0" protocol="HTTP/1.1" SSLEnabled="true"
               maxThreads="150" scheme="https" secure="true" acceptCount="100"
			   enableLookups="false" clientAuth="true" sslProtocol="SSLv3"
			   SSLCipherSuite="ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:!LOW:!SSLv2:!EXPORT"
			   SSLCertificateFile="/home/openkm/tomcat-7.0.27/cert/serverpublic.pem"
			   SSLCertificateKeyFile="/home/openkm/tomcat-7.0.27/cert/serverprivate.pem"
			   SSLCertificateChainFile="/home/openkm/tomcat-7.0.27/cert/serverpublicchain.pem"
			   allowUnsafeLegacyRenegotiation="false"
			   />
Now ZOHO integration is working!

Re: ZOHO integration in Community Edition 6.3.0

PostPosted:Sun Jun 01, 2014 5:34 pm
by jllort
Thanks for your support this information will be valuable to other users. I've added at http://wiki.openkm.com/index.php/Troubl ... tion_fails

Re: ZOHO integration in Community Edition 6.3.0

PostPosted:Thu Jun 05, 2014 2:18 am
by baolinhtv
anyone have solution for ip address with 8080 port for zoho working ?

Re: ZOHO integration in Community Edition 6.3.0

PostPosted:Sun Jun 08, 2014 10:19 am
by jllort
I think is not possible, by default zoho always do a call to port 80. You should not expose tomcat port 8080, you should always configure apache reverse proxy as is described here http://wiki.openkm.com/index.php/Apache. With it you solve two problems, zoho and security issues.

Re: ZOHO integration in Community Edition 6.3.0

PostPosted:Mon Jun 09, 2014 7:44 am
by Catscratch
You can also simply use iptables to reroute your traffic from 80 to 8080. I'm doing this for 443 to 8443. Than you don't have to change anything in your running system configuration.

Rule looks like this:
-A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080

But as i mentioned, I think the port is not the problem for ZOHO. It's the IP.

Re: ZOHO integration in Community Edition 6.3.0

PostPosted:Wed Jun 11, 2014 6:56 am
by jllort
Are both things. Zoho only work with port 80 and need accessing public internet IP ( alhought internally you configure NAT or similar ), but from zoho view you need accesible internet url across port 80
All times are UTC
Page 2 of 2
Powered by phpBB® Forum Software © phpBB Limited