Impossible to Have Valid Cert on 2-Machine Deployment for FM Clients & Admin Console
Operating system version
Windows Server 2012
Description of the issue
When utilizing a custom cert on a 2-machine deployment, it is impossible to make the cert appear as valid when accessing the solution from FM Clients, FM Go and the Admin Console.
The basic issue revolves around the fact that WebDirect clients access the server from the Worker machine while FM Clients, FM Go and the Admin Console access the Master.
The domain on the cert points to the Worker machine so when being accessed via WebDirect it will show as valid.
However, when accessing the Master through FM Clients, FM Go or Admin Console you will be entering either a different IP or domain name that will not match the cert that is loaded and does match the Worker.
There needs to be a way to have two certs loaded or some other workaround so that clients accessing on the Master also see a valid cert and know they are connecting to a valid server.
Steps to reproduce the problem
1 - Set up a two-machine deployment with a custom cert.
2 - Access through WebDirect and it will show as valid.
3 - Access through FMP, FMPA, FM Go or Admin Console which needs to point at the Master.
WebDirect and all FM Clients and Admin Console users need to see a valid certificate.
Sessions will be encrypted and show a lock in the bottom left of FM clients but will show as not valid and the Get ConnectionState Attribute will only show secure state 2. There is no way to get a 3 or valid cert.