FileMaker Custom SSL Certificates

I successfully installed a GoDaddy SSL certificate in our Filemaker Server 20.3.1.31 on Windows Server 2022. Filemaker Pro clients and FM Go can connect and SSL is working perfectly. SSL Certificate was also installed in IIS 10 but HTTPS Webdirect is not loading. https://127.0.0.1/fmi/webd/ will load but certificate is not secure. Using http://cws-ph.com will load the Filemaker We bdirect test page but https://cws-ph.com/fmi/webd will result to "This site can't be reached". Is there a guide for Filemaker Server 20.3.1.31 on IIS 10? FMServerIIS.docx

I have been trying to update the default SSL cert for a while now. I followed the steps in the great BlueFeather Certbot/LetsEncrypt integration guide. When I run the GetSSL.sh script, it gets to installing the new cert into on the FMS computer. It asks for the username/password and after I enter the password and hit return, the cursor goes down to a new line and nothing else happens. The command never finishes, and never errors out. I let it go overnight once just to see what would happen. So, I tried to the "Import Custom Certificate" via the FMS Admin interface, I enter the three files, and the password, and FMS crashes and will not start again w…

I'm trying to renew my ssl certificate with letsencrypt.org following the instructions here: https://www.bluefeathergroup.com/blog/filemaker/lets-encrypt-ssl-certificates-for-filemaker-server-for-mac/ When I run the terminal command: I get the follow response (I've replaced my FQDN with "my.domain.com": The response above seems to indicate perhaps I have a firewall issue? I can connect to my filemaker database via my FQDN without issue. However I am having trouble getting to my server admin console via my FQDN:16000/: Any help is appreciated!

It's time to renew our FMS 16 SSL certificate. I generated my certificate request, submitted the application to InCommon through our organization's portal and got back a certificate and intermediate certificate as normal. However, when I tried to import the certs and keyfile I got this error: Certificate could not be imported Config_DBServer_CertificateDialog_ErrorCOMODO RSA Organization Validation Secure Server CA I used a variant of our organization's name when I generated the cert request which I know is not an exact match to the name we used in our FMS license purchase. Does FMS perform an organization name match when importing an SSL certific…

Have been fighting my way uphill in getting an SSL certificate, and I'm almost there. But now: - I used the fmsadmin command to generate my server request, but when I copy the hash out of serverRequest.pem and send it up to GeoTrust, the import fails with the message country code is not valid. Anybody know where to set the country code in FMS14?

Windows Server 2016 Desktop version with updates through 8/17/2019. Installed in the default location. Required ports or forwarded to the server and are open on the server. 80, 443, 2399, 5003, 16000 The instructions for getting a certificate are very confusing. When I follow the instructions, I get the following error(s): My FQDN is ARTinLizzies.com OpenSSL> req -nodes -newkey rsa:2048 -keyout artinlizzies.com.key -out artinlizzies.com.csr Can't open C:\Users\tony_zepeda.SC\Desktop\git_fmsource\fmsource\ThirdParty\ports\openssl\InstallDir/openssl.cnf for reading, No such file or directory 2412:error:02001003:system lib…

I am running a single Mac OSX Sierra server with FMS 16 and a GoDaddy certificate Standard SSL with 'server.domain.com' set-up. The certificate is installed correctly according to the Admin Console, and yet if I navigate to the WebDirect, the browser is showing the FMI Default Certificate and is blocking the user. I have gone round in circles for two days so hoping someone can point me in the right direction. How do I stop the default FMI certificate from being used by WebDirect or FMPro users for that matter?

Hello Everyone, I am looking to purchase a SSL certificate for my FileMaker 17 server. Just want to check, which FileMaker CA to look for: 1) GeoTrust 2) GoDaddy 3) Symntec 4) Comodo 5) Thawte Please suggest. Thanks in advance.

The SSL mismatch and Interactive Containers errors in macOS FMP bug persists. FMP/FMPA macOS clients (v15 and forward I believe) using bonjour browsing to connect to database will see ERROR when trying to play audio files in interactive containers (or cannot play videos or work with PDFs). Connecting via FQDN does not have this problem. But why should local clients have to go out through the WAN and back in? FileMaker Go clients and Web Direct clients will be warned about mismatch but can proceed and interact with containers. Windows FMP/A clients are fine as well. Only macOS FMP/A clients have issue. This has been around a while...any possibility of a fix? (Modifying /et…

I have encountered this situation in two separate instances. 1) In the last company i worked for. I updated them to Filemaker Server 16 2) With a current client of mine which i set them up on Filemaker Server 17 My dilema is the following: I designed two completely different databases, one in each scenario and both have had the same issue. As i am designing the database (locally), i am able to upload pdf files and view/interact with them perfectly. However, as soon as i upload it to the server, i loose the ability to view/interact with pdfs anytime i connect via Filemaker Pro from a mac computer. The rest of the database …

My production Filemaker Server 14 running on Mac OS X 10.11 El Capitan (Not Mac OS X Server) has been running fine for a year since I last installed the Thawte SSL Certificate. After renewing the certifate this year, I've tried various different methods of importing the new certificate, which came with an intermediate certificate, but I can't seem to get the intermediate certificate installed. I've been mostly using something like: sudo fmsadmin certificate import --keyfile /Users/richardfincher/Desktop/GBROOMX36-4X/private.key /Users/richardfincher//Desktop/GBROOMX36-4X/ssl_certificate.crt   I've also tried importing it through the web control pane…

Hi I have a SAN SSL certificate with the primary and the intermediate .ctr files Is any one able to explain how I generate the private key (on Mac OSX server High Sierra) thanks Kindly

Dehydrated is a client for signing certificates with an ACME-server( currently only provided by Let's Encrypt ) implemented as a relatively simple bash-script. It uses the openssl utility for everything related to actually handling keys and certificates, so you need to have that installed. Other dependencies are: cURL, sed, grep, mktemp( all found on almost any system, cURL being the only exception ) https://github.com/lukas2511/dehydrated I use dehydrated for nginx

Hello, After installing an SSL certificate in FMS16, Filemaker Pro can not verify the identity of my server "s1.childnology.com:5003". Get(ConnectionState) returning 2 but my FMS name is "s1.childnology.com" same as the SSL. I opened the Inbound and Outbound TCP ports 80, 443, 2399, 5003, 16000 in Windows Server 2016 firewall. If I use FM Web Direct I get a green padlock and no warning message appears I have checked this and the TCP port 5003 is indeed accessible..... at this point I do not know what else to verify or try. Please help

Gday, We are running FM server 16 with FM pro 16 and FM Go 16 clients. We have do not use SSL certs as yet. When opening databases on the go client, the user is presented with a dialog stating that the connection is not secure and would they like to proceed. Secondly, programmatic access to the server is failing due to this new error being returned from the first "ping" of the server. I understand this is normal behaviour but obviously we want to get rid of this. We need to sign our server. The problem is that it is used on the intranet only and CA's will not sign machines that are not public facing. We will not be making our server public facing. W…

Gday, In an effort to figure out how SSL works with filemaker I have enabled the default SSL cert that comes with filemaker. Unfortunately I am still presented with an SSL error when I connect to the databases hosted on the server (see image). What steps am I missing in order to get this certificate to work? I understand this is a "not for production" certificate however it is in date and valid and we are using it to see how a production installation would be achieved. FM Server 16, FMPro 16 Windows server 2012. In order to reproduce the error we: 1. Enabled SSL on the FM server 2. Restarted the service 3. Checked SSL certificate in FM admin cons…

Hello All I spent most of the day following the instructions for upgrading my MacOS 10.10 FMSserver to v 13.0.9 I successfully installed a thawte SSL certificate - Confirmed the client was displaying a Green Encryption Key in the bottom left corner, Browsers connecting to WebDirect also show a validated certificate. I attempted to install the .9 update but the installer told me to uninstall Java (was v8 40) - After figuring out how to downgrade my Java to v 7u 79 I again tried the .9 update which this time successfully installed! Good news right? Nooooo - my client no longer displays a Green Encryption Key in the bottom left corner when connected to the update .9 ser…

Using FileMaker Server 14.0.4.413 on Windows Server 2012 R2. I received a certificate from Comodo, and installed it through the command line tool as instructed from FM Inc. No errors give, and the ServerCustom.pem file was created as expected. After rebooting the server, the web traffic (the Admin Console connection) shows the green lock indicating HTTPS is working. But when I check the 'Use SSL for database connections' in the Admin Console, the warning message underneath the checkbox states that the custom SSL cert installed did not originate from a CA supported by FileMaker. With this option checked, no WebDirect or FMPro clients can see the hosted files. …

I'm having a devil of a time getting FMS14 in good shape. I'm looking for help installing a certificate, but also including a couple of details in case they inspire any other good advice. FMS is hosting my twenty databases and my organization's employees are reaching them without a hitch. It's also true that I can see a sample database via WebDirect. FileMaker customer support has told me that that means the software is installed correctly and there's nothing else they can do to help me. It's also true that when I use Remote Desktop Connection to remote in to the terminal, I can administer FMS (because I'm effectively sitting in front of it) . . . but that I can't admin…

We are working through the steps to bring all of our FileMaker 13 servers to 13.0v9 but are running into a bit of trouble with the custom SSL part. A little background: • We have a process for requesting and obtaining SSL certificates through InCommon (https://www.incommon.org/certificates). This is our IT Security Office’s preferred way to obtain SSL certificates • Technically, Comodo issues the certs, but Comodo is nowhere to be found in the Certification Path of the certs we get from InCommon (they are issued by InCommon RSA Server CA) • InCommon is not one of the vendors listed here http://help.filemaker.com/app/answers/detail/a_id/11413 Our IT Security O…

I have installed an SSL on FileMaker Server to access databases securely via WebDirect. All works well when I use the IP address however I cannot get the FQDN to work (server name.domainname.net.au). I'm obviously missing some integral part in setting up the FQDN on the Mac hosting the FM Server. Can anyone point me in the right direction please? Thanks

Hi, I just installed the custom SSL certificate as part of the update of my FMS13 to 13.0v9, and I noticed the open url script step on my FileMaker Pro client stopped working since the certificate was installed. I have since proceeded with the update and completed it successfully, but the open url issue remained. I'm at a loss as to why this is the case and would appreciate any suggestions to resolve the issue. I know the open url script stopped working after the certificate was installed but before the update was carried out because I happen to have need of using it at that point. The issue appears specific to my FMP client as the same script runs smoothly on FMG as we…

I have FMP Advanced 13.0v3 and I checked to see if there were recent updates and it says 13.0v9? and it has become very complex in how to update. Am I the only one feeling a bit flummoxed over it? It wasn't that long ago I checked for updates so how can it jump to 9?

I find the tech documents surrounding 13.0 v9 to be a little confusing. I am assuming that the SSL certificate only needs to be installed on FMS and no certs are needed for clients accessing the server. I believe this to be correct but want to be sure. Can I get a word on this? Thanks in advance.

I have FMS 13v9 running with almost all of my users on the LAN, connecting to a static IP. I also have an external IP and FQDN with a certificate (I am a server restart away from having that secured - hopefully after hours tonight!). I would like SSL on the internal connections as well, but do not want to route them out through the firewall and back in, just to use the public IP. Can I have more than one certificate installed at the same time? Can I buy a certificate with a private IP instead of a name (192.168.1.x)? Thanks, Paul Samuelson

What with all of the issues and confusion that I've been reading about with Filemaker and Custom SSL certs, I decided to try installing Custom certs in my test environment first. Everything went well and today I installed the certs on my production environment. Everything is the same EXCEPT the Production Environment is running a 2-machine deployment as opposed to the development environments single machine deployment. I noticed that after the Cert was imported into the server the admin console was till throwing an error message saying the cert was invalid. After rebooting the machine this error cleared up, however I am now stuck with the realization that none of m…

So I am venturing in to setting up a certificate with 13 on my server, ( just so I can get experience ) Background: I have a domain that I only use for my server ( Mac mini, Mavericks, with server.app installed) I am in a residential setting so Port's 80 is blocked by my ISP. I have my domain pointing to DynDns service and my router updates the service should my IP address change. I can reach my server console using HTTPS and my domain name externally. And accessing FMP works internally and externally. Actions: I had to make sure I had Read/Write access to the /Library/FileMaker Server/CStore directory I ran the CERTIFICATE terminal command on the server. Making …