Jump to content
Claris Engage 2025 - March 25-26 Austin Texas ×

Easy way to use Let's Encrypt with FileMaker Server


jaboda

Recommended Posts

We've just switched over to Let's Encrypt SSL certificates. I created a super simple (and supportable) way of doing this.

We're using FileMaker Server on Windows but this method should work with other OS's as well with a bit of adapting.

  1. Install Certbot from https://certbot.eff.org.

  2. Run Certbot from the Start Menu and enter the following command to configure it:

    certbot certonly --webroot -w"C:\Program Files\FileMaker\FileMaker Server\HTTPServer\conf"

    This is assuming that FileMaker Server is installed on Drive C in the default folder.

  3. Enter the details for the certificate.

  4. Create a new file called 'Install Certificate.cmd' containing the following:

    @echo off
    
    set domain=[your server's domain]
    set username=[admin username]
    set password=[admin password]
    
    copy %SystemDrive%\Certbot\live\%domain%\fullchain.pem %temp%
    copy %SystemDrive%\Certbot\live\%domain%\privkey.pem %temp%
    
    fmsadmin certificate delete -y -u %username% -p %password%
    fmsadmin certificate import "%temp%\fullchain.pem" --keyfile "%temp%\privkey.pem" -y -u %username% -p %password%
    
    del %temp%\fullchain.pem
    del %temp%\privkey.pem
    
    net stop "FileMaker Server"
    net start "FileMaker Server"

    Ensure you enter your domain, and admin username and password.

  5. Schedule the above script to run once a week. Let's Encrypt updates every 30 days (I think) so weekly should cover it. Make sure you run it with the highest privileges.

That should be it. Claris say you need to restart the FileMaker Server service but in my testing that doesn't seem to be necessary.

I'm going to use it as an opportunity to reboot the server, which I do weekly. To do that replace the last two lines with

Shutdown /r /t 0

Hope this helps.

Link to comment
Share on other sites

  • 8 months later...
  • 9 months later...
  • Newbies

I'm getting stuck immediately on step 2.  I get the following error message:

The Certificate Authority failed to download the temporary challenge files created by Certbot. Ensure that the listed domains serve their content from the provided --webroot-path/-w and that files created there can be downloaded from the internet.

I'm assuming it's a firewall issue.  I am using an EC2 instance on AWS.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.