Jump to content


  • Content Count

  • Joined

  • Last visited

Community Reputation

1 Neutral

About CvM

  • Rank
  • Birthday 09/02/1962

Profile Information

  • Industry
    Publishing and Media
  • Gender
  • Location
    Leiden, the Netherlands

Contact Methods

  • Website URL

FileMaker Experience

  • Skill Level
  • FM Application

Platform Environment

  • OS Platform
  • OS Version
    High Sierra
  1. Thank you for sharing this very helpful paper on FMS17 and SSL. When upgrading from FMS 13 to 17, we came across an issue that might be worth mentioning in future versions of the text. It took us quite some time to figure out that while an existing certificate can in general be reused, this is NOT the case if it was generating under FMS versions 14 and earlier. Instead, you need to go to the CA's website and regenerate your site and intermediate certificates based on a newly created CSR. This will do the trick. Your paper justly states that installing the SSL certificate will NOT take care of securing traffic between your PHP website and web users. Since FMS installs its own flavour of the Apache setup, putting the httpd config files within the Filemaker Server folder, it might be worthwhile providing some pointers for this aspect as well. It is not extremely complicated, but PHP admins appear to feel somewhat left in the cold by FM judging from comments in this forum and others. It would be nice to help them out.
  2. Thank you so much Wim, that worked out just fine! Smooth installation.
  3. All I see at this moment is a 14.0.4 updater and 14.0.4.a patch. Is there no way do a full FMS14 installation a new MacMini under El Capitan? Installing an older version in order to upgrade afterwards results in an error messag '5003' followed by a dialog saying 'not enough access priviliges to this folder'. Or is that a separate issue? Downgrading the OS back toYosemite is not that easy either... Thanks for any wise words!
  4. Hope my experience can help some searching soul out there. I got there in the end. Recently, we upgraded our FMS 12 setup to 13. In the process we had to switch off Server.app's Websites function which we used to serve our php web pages through https with certificates from an external authority (Comodo). I moved our existing php files to the httpsRoot subfolder, which is where they should go. As expected, the URL in the browser was still confirmed as starting with 'https'. But the https connection now came up as untrusted by our own (and our customers'!!) browsers and our expensive green padlock had gone. The FMS 13 Getting Started Guide just says to refer to 'your web server's documentation' for installing a certificate. That is easily said, after FMS13 disabled the Server.app's with all of its convenient features! Just as others describe elsewhere in this forum, I was taken by total suprise when FMS 13 fully took over Apple's and our standard web server setup. What was the easiest way to get the certificates back? I was hoping a slight edit of some configuration file could do the trick, since the certificates were still present on the machine and I could see them in Keychain. Over 48 hours of trial and error followed, in which I tried editing the various Apache commands in FMS's http-ssl.conf file to get them to point to the existing certificates in the /etc/certificates directory. This just resulted in the web server not starting unless I reverted to the original version of the .conf file. I looked at the CERTIFICATE and CERTIFICATE IMPORT fmsadmin commands which can be issued through Terminal. They are described in the final section of the FMS Server Help documentation. It would have been really nice had the 'Getting Started Guide' mentioned their existence, since they are your ONLY workable course of action! Ocean West's post elsewhere in this forum section provides a good step by step description of the process. However, he installs a new key/certificate pair instead of trying to get one to work which is already on your server machine. It did point me in the correct direction though. I tried exporting the key/certificate files from Keychain, converting them to the requered .pem format through Terminal commands that I found. I renamed the key file as serverKey.pem, moved it to the CStore directory, and issued the CERTIFICATE IMPORT fmsadmin command providing exported .crt file as the required certificate. This raised an error stating that key and certificate did not match, and dashed my hopes. It would seem that the serverKey.pem file which you can create with the CERTIFICATE CREATE command is FMS-encrypted, and FMS will correspondingly encrypt the .crt file during import. This probably means that unencrypted files of your own are a no go, and you are stuck with using the CERTIFICATE fmsadmin command set only with a freshly generated/ordered key/certificate pair. Which is ok if you have not already bought a certificate, but our situation is that we just want the old web server setup back so we could continue where we left off. No expenditure, no waiting on external validation - which I remember was time-consuming because we had to file business documents and wait for a phone call to verify our identity. This is beacuse our customers require that we have the safer and pricier Extended Validation version. I decided to log on to our CA, Comodo, and noticed that we could replace our certificate based on a new .csr file. This brought the solution, which was so uncomplicated that Filemaker should just have documented it! Here it is: 1. Use the CERTIFICATE CREATE command first, entering your domain name. 2. Upload the text from resulting serverKey.pem file to your CA. 3. When the certificate file arrives by email, use CERTIFICATE IMPORT + the .crt file's path. Pointing to its folder as Ocean West did, did not work for us. 4. Restart your server machine, ensuring that you have first properly closed all databases and shut down the Database Server. The folks at Comodo were really helpful, not only by providing a free replacement service, but also by springing into immediate action when I raised an urgent ticket well before the official 48-hour leadtime had passed.
  5. How about checking your post for html left there?
  6. After spending quite a few hours trying to get a brand new MacMini Server just upgraded to Mountain Lion Server to work with our new FMS12, I finally came across this article on the FM knowledge base which bluntly states that Apple's latest operating system will NOT work with its subsidiary's latest database server with respect to web publishing, PHP and several other features. The installation process itself provides no indication of this, other than the web server not being located at the final stage of the deployment process. I phoned our local FM branch and even more bluntly they told me that engineers were 'working on it' and they could not or would not share any news on when this might be completed, nor were they able or willing to try and find out. Now while it is totally understandable that quirks of a new OS can take you by surprise, it is hard be as forgiving in the case of FIlemaker vs. Apple. I imagine beta testing in an ML environment could and should have taken place. It would seem that amidst all the gloating announcements of new and improved features of FM12, including a slight warning upfront might prevent customers from spending many hours on a wild goose chase. Or why not drop licensed users of FMS12 a short email as soon as you find out and update the knowledge base? And the arrogant unhelpfulness of the Dutch FM spokesperson on the phone was simply vexing.
  7. Wat vinden wij van #D66 nu van #Papandreou en zijn #referendum over reddingsplan #Europa? Mooie case en een gewetenskwestie. #Durftevragen!

  8. #internetstoring #xs4all: mail werkt ok, sommige sites ook (Twitter, Facebook) andere niet/slecht (Hotmail)
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.