Jump to content
Server Maintenance This Week. ×

What SSL Certificates are Supported on FileMaker Server 14?

Jimmy Williams

By Jimmy Williams
in FileMaker Server 14

 Share

This topic is 3265 days old. Please don't post here. Open a new topic instead.

Recommended Posts

  • Newbies
Jimmy Williams Newbie

Jimmy Williams

Posted
  • Newbies
Posted

I purchased my license to FileMaker Server 14 yesterday and it installed perfectly on my clean Windows Server 2008 R2 SP1 virtual machine.  In the course of saving my progress I restarted the server a few times making snapshots and everything was working fine each time I logged into the Admin Console.

Then, I used the fmsadmin command to create a certificate request and purchased a GeoTrust QuickSSL Premium certificate and using the fmsadmin tool installed the certificate.  The command line tool gave no errors and I could see that serverRequest.pem, serverKey.pem and serverCustom.pem were all created in the FileMakerServer\CStore forlder.

I restarted the entire server and now when I log into the Admin Console there is an error that says "Another copy of FileMaker (FMS14 (fms14.austinmichael.com)) is already running with this license.  This copy of FileMaker Server will not open any databases, but will allow updating the license key or configuring for standby server."

There are no other copies of FileMaker Server on the network and FMS14 is the server I'm trying to setup.  The license key is conflicting with itself.

When I remove the .pem files from the CStore folder everything works, except of course I don't have a CA signed certificate.

GeoTrust QuickSSL Premium is listed as compatible on this page (with FileMaker Server 13 at least):  http://help.filemaker.com/app/answers/detail/a_id/11413

Does anyone here use custom certificates to secure your FileMaker Server 14 server?  If so, where do you get them from?

Link to comment
Share on other sites
Ocean West Grand Master

Ocean West

Posted
Posted (edited)

I got mine from NameCheap who resells GeoTrust

http://campsoftware.com/blog/easily-generate-and-install-a-57-dollar-custom-filemaker-server-ssl-certificate

I got the same error you may have to quit the server by using

sudo launchctl stop com.filemaker.fms

then restart your server

Edited by Ocean West
Link to comment
Share on other sites
  • Newbies
Jimmy Williams Newbie

Jimmy Williams

Posted
  • Author
  • Newbies
Posted

Just an FYI, I tried installing a GoDaddy Standard SSL with SHA-2 (SHA 256) and I received the same error.  FileMaker support acknowledged others have called in with similar problems but can't reproduce the problem themselves and basically told me they would no longer help me which is terrible customer service because even if it's on my side wouldn't they want to know what's causing the problem so they can better advise their other customers?  I've installed custom SSL Certificates on many FileMaker Server 13 servers without issue.

Has anyone successfully installed a custom SSL certificate for FileMaker Server 14 on Windows Server? 

Link to comment
Share on other sites
Hijack Community Regular

Hijack

Posted
Posted

I'm in  similar pickle with a FMS 14 Windows deployment.  Our company has a wildcard cert from Network Solutions which is not on the supported list.  I have updated our IIS install with this cert in the binding on 443 and 16000 but access to the WebDirect interface still produces the error "The standard FileMaker certificate is installed on this server." which isn't the case any longer.  Either I'm missing another place to update the cert or the error message is erroneous and really should say "You're using a cert from an unsupported vendor."  I can understand if I get a message stating the use of an unsupported cert but to still get the message about the standard cert is making me wonder what the REAL issue is.

Has anyone gotten *any* cert to work either with or without a new message from the WebDirect engine.  I called FM and they essentially wrote me off immediately once I mentioned a cert from a vendor not on their list. 

Thanks

Link to comment
Share on other sites
  • Newbies
Jimmy Williams Newbie

Jimmy Williams

Posted
  • Author
  • Newbies
Posted

FileMaker has admitted this is a bug on their part and many others are having the same problem:

https://community.filemaker.com/thread/84492

https://community.filemaker.com/message/186339

It has nothing to do with where you got your certificate.  Even legit certificates are getting this error.  Their current "workaround" while we wait for a fix is to use the Free Trial version from their website.  It won't give this error because it doesn't check for duplicate licenses.

Link to comment
Share on other sites
Hijack Community Regular

Hijack

Posted
Posted

I was able to get our custom public wildcard cert to be accepted by FMS14 and stop the licensing conflict error by following the suggestion put forth by a FM rep in the thread that Jimmy noted.  So, even though the cert is not officially supported by FMS, it does appear to work without any problems in the WebDirect interface.  Our FMS install is running under Windows 2008 R2.  I'm not sure how Mac servers can be adjusted to achieve the same workaround but here's the solution in Windows.

  1. Install your custom cert in the user interface presented by IIS in the bindings for 443 and 16000 on the FMWebSite site.
  2. Install your custom cert in the admin site (Apache/Tomcat based) on 16001 in the ..\CStore\customServer.pem file.  This can be done using the fmsadmin.exe command line or if you're like me and had a combined private & public key cert file already made you just copy your cert into the CStore folder under that name.
  3. If you restart your FMS server service at this point you'll get the license conflict message everyone is being plagued with so just stop the FMS service for now.
  4. According the FM rep in the thread Jimmy posted a link to, the culprit is really the Bonjour service.  That can be turned off and disabled and the license conflict message will abate.  But, under windows, the FMS installer installs FMS with a dependency to Bonjour so you have to go into the registry and remove that dependency in order to be able to stop Bonjour and start the FMS service.
  5. Delete or rename the  hklm\system\currentcontrolset\services\filemaker server\dependonservice reg_multi_sz setting.
  6. Do the same in the ControllSet001 and 002 branches if the FileMaker Server service is found in them.
  7. Set the Bonjour service to a Disabled start up value. 
  8. Reboot server (can't just recycle FMS service)

That sequence seemed to work for me.  Good luck all.

  • Like 1
Link to comment
Share on other sites
Hijack Community Regular

Hijack

Posted
Posted

One last point, disabling the Bonjour service keeps your server from being found on a "Local Servers" query by clients.  Our server is not on the same vlan as clients so that was never an issue with us anyway.  It was never visible by a local servers search.  But, if your clients were used to accessing your server in that manner they will need to define the host as a Favorite.

Link to comment
Share on other sites

This topic is 3265 days old. Please don't post here. Open a new topic instead.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.

  I accept