I have FMS 13v9 running with almost all of my users on the LAN, connecting to a static IP.

I also have an external IP and FQDN with a certificate (I am a server restart away from having that secured - hopefully after hours tonight!).

I would like SSL on the internal connections as well, but do not want to route them out through the firewall and back in, just to use the public IP. Can I have more than one certificate installed at the same time? Can I buy a certificate with a private IP instead of a name (192.168.1.x)?

 

Thanks,

Paul Samuelson

You might try something like ordering an SSL cert that allows multiple domain names and see if you can put the internal IP address of the server as one of the valid domains.  I'm not sure if a valid SSL cert will allow you to connect to an IP address versus a FQDN, but something tells me it won't.  

Why don't you want to route the traffic through the firewall?  You're not going to notice a performance difference (unless the firewall is not physically onsite, which wouldn't be a LAN) verses setting up something like a split DNS Zone.

 

Having to manually specify two separate certificates on the same server sounds like a huge PITA.  Instead, you could also try setting the Hosts file manually in each internal client trying to connect to the Filemaker server.  It basically hardcodes the DNS name to an manually specified IP address so that you could connect to the servers domain name but have it redirect to the internal IP.  It would trick the client into believe that it's connecting to the FQDN of the server when in reality the traffic never leaves the LAN.

Edited April 29, 201510 yr by James Gill