Thank you for the post.
The symptoms you describe indicate the use of an SSL certificate that is not tested.
“I got a COMODO PositiveSSL certificate.”
The two Comodo certificates that are tested to work are the following:
Comodo Elite SSL Certificates bundled with certificate
Comodo SSL with SHA-256 (under SHA-1 Root)
Please review the following knowledge base article for the full list of tested certificates:
As I said in previous communications with FileMaker, the list of supported SSL certificate types is so opaque as to to be useless — what do any of the terms actually mean with respect to the options available on the Comodo website?
Secondly, if FIleMaker is only going to work with certain certificates (something that's weird in its own right... why not use the same certificates as the rest of the server?), then why do you let it import unsuitable certificates?
This seems to be the suck-it-and-see school of programming! I'm sorry, but it's very disappointing!
Thank you for the reply.
The certificate at the link above is the Comodo Elite SSL Certificates bundled with certificate and the one tested to work.
The nature of SSL requires the certificate to be a part of both the FileMaker Server and FileMaker Pro (Advanced) installations. Installing a certificate we did not test will not work because the clients do not include the certificate as part of the installation.
Additionally, I have forwarded a request to the manager of Documentation to see about updating the knowledge base article to be more clear in the future.
The knowledge base article has been updated. The links direct the user to the certificate point of purchase for the specific certificates that were tested.
Thanks -- that make a bit more sense!
> The nature of SSL requires the certificate to be a part of both the FileMaker Server and FileMaker Pro (Advanced) installations.
> Installing a certificate we did not test will not work because the clients do not include the certificate as part of the installation.
That's true, but all operating systems have a standard set of trusted CAs installed (and updated) by default—surely that's how other apps (particularly browsers) cope. And with other apps, if I manage both the clients and server I could easily arrange for the clients to trust whatever root CA I choose.
I hope the next version of FIleMaker will make certificate a lot simpler to handle :)