How To Set Up Mobile Client on Sites using SSL

Knowledge Base

Knowledge Base >

Solution

To allow the Mobile Client to Connect to an SSL site one of the following options must be configured.

Note: The current release of the Mobile Client does not support connecting to a site that has SSL enabled and also requires Windows Authentication.

Option 1: Modify the repository.properties file.

Note: This will allow the Mobile Client Connector to communicate to DocuShare “under the hood” via the tomcat port (even when the tomcat port is disabled).

To edit the repository.properties file:

Warning: Do not do the edits below unless you are prepared to stop and restart the DocuShare Server as per the instructions below. The repository.properties file cannot be updated while DocuShare is running and will cause issues and errors in DocuShare.

1. Stop DocuShare.

2. Open a Command Prompt window.

3. Change into the <dshome>\bin directory.

4. Type start_docushare env

5. Identify the Tomcat Port and ROOT_base.

Example:

Tomcat HTTP =on (8080)

Tomcat DocuShare Root = /docushare

6. Open Windows Explorer and browse to the <dshome>\config directory.

7. Open the amber.properties file in a text editor.

8. Search for the following entry:

doc_base=/docushare/

9. Make note of the docushare root (doc_base) that is configured. (Example has entry highlighted in red)

10. Open <dshome>\tomcat\webapps\<doc_base>\WEB-INF\classes directory.

11. Open the repository.properties file in a text editor such as Notepad.

class=com.xerox.docushare.opencmis.fileshare.DocuShareServiceFactory

#repository.docushare = http://localhost:8080/docushare

#proxy = www.myproxy.com:8000

12. Verify that the tomcat port # and the docushare root (doc_base) are the same as what was listed in your Server.xml and amber.properties files. If required edit respository.properties file with the correct port number and docushare root to match the values found in the Server.xml and amber.properties.

13. Remove comment (#) from line two.

14. Example before the edit to line 2. (comment that should be removed is displayed in red in this example):

class=com.xerox.docushare.opencmis.fileshare.DocuShareServiceFactory

#repository.docushare = http://localhost:8080/docushare

#proxy = www.myproxy.com:8000

Example after the edit to line 2.

class=com.xerox.docushare.opencmis.fileshare.DocuShareServiceFactory

repository.docushare = http://localhost:8080/docushare

#proxy = www.myproxy.com:8000

Note: The entries above can have spaces like the example above, the entries also work without spaces.

Example : repository.docushare=http://localhost:8080/docushare.

15. Start DocuShare.

Option 2: Place the Web Servers SSL certificate into the DsTrustStore.

Note: You must already have a copy of the SSL Certificate exported from the WebServer.

To place the certificate .cer file into the DSTrustStore:

1. Open Windows Explorer and locate the .cer file you exported using the Certificate Export Wizard.

2. Copy the .cer file and paste into the directory containing the DSTrustStore file.

Example:

<dshome>\jdk1.6.0\jre\lib\security

Where <dshome> is replaced with the installation directory for DocuShare. Depending on your installation environment the path may vary. The default installation path during install is C:\Xerox\Docushare.

3. Open a command prompt window and navigate to the directory containing dstruststore.

Example:

cd Xerox\Docushare\jdk1.6.0\jre\lib\security

4. At the command prompt, enter the set PATH command to set the PATH environment variable. Use set PATH=%PATH%;\jdk1.6.0\jre\bin.

Example:

set PATH=%PATH%;C:\Xerox\Docushare\jdk1.6.0\jre\bin

5. After you have set the PATH variable, at the command prompt, type keytool, without arguments. The keytool Utility help appears. The Keytool Utility places the SSL certificate in the DSTrustStore.

6. At the command prompt, enter the following keytool utility command and then press Enter.

keytool –import –alias <alias_name> -file <path/cert_file> -keystore dstruststore

Note: The Keytool utility places SSL certificate in the DSTrustStore.

Replace <alias_name> with a unique name for the certificate file.

Replace <path/cert_file> with the name of the certificate file (.cer) that you exported and copied to the directory containing the dstruststore file.

For example:

C:\Xerox\Docushare\jdk1.#.0\jre\lib\security\dstruststore\certificate.cer.

Note: Press Enter to start the command. A request for a password appears. Enter password and press Enter. (You can create a password at this time.)

7. When the Trust this certificate? [no]: prompt is displayed type yes and press Enter.

Example:

C:\Xerox\Docushare\jdk1.6.0\jre\lib\security>keytool -import -alias dssql -file SSL_Cert_SQL.cer –keystore dstruststore

Enter keystore password: password

Owner: DOCUSHARE

Issuer: DOCUSHARE

Serial number: 09

Valid from: Sat Jun 09 06:05:10 IST 2012 until: Sun Sep 09 06:05:10 IST 2014

Certificate fingerprints:

MD5:

SHA1:

Trust this certificate? [no]: yes

Certificate was added to keystore

8. Examine the screen output to ensure that Keytool successfully added the certificate to the keystore.

9. To verify if the certificate has been import successfully, enter the keytool utility command keytool –list –keystore C:\Xerox\Docushare\jdk1.6.0\jre\lib\security\dstruststore

Enter keystore password:

Keystore type: JKS

Keystore provider: SUN

Your keystore contains 2 entries

dssql, Jun 9, 2012, trustedCertEntry,

Certificate fingerprint (MD5): 05:….

ABCD, Sep 11, 2002, trustedCertEntry,

Certificate fingerprint (MD5): 48:D8…

Note: (Important Future Maintenance) The security certificate has an expiration date and must be updated before it expires. DocuShare does not have an automated maintenance process to update the security certificate, so this must be done manually.

Solution Published: November 5th, 2014

Solution ID: 1581

Keyword: authentication, ssl


	© 2023 Xerox DocuShare