7 Replies Latest reply on Jun 12, 2015 10:47 AM by TSGal

    Webdirect does not read certificate properly

    Yadin

      Summary

      Webdirect does not read certificate properly

      Product

      FileMaker Server

      Version

      14.0.1

      Operating system version

      Server 2012R2

      Description of the issue

      When logging in to WebDirect you get a massive red warning banner about the certificate being standard instead of custom.  This is not true, a customer certificate has been installed on the server and put in place for https on the 443 binding.  This is confirmed working from the client as there is no certificate warning, and viewing the certificate details shows it is the proper Comodo certificate.  Apparently there is a significant bug in WebDirect where it is trying to read the cert for some redundant reason and can not.

      Steps to reproduce the problem

      Install a cert, log in to WebDirect, see warning.

      Expected result

      No warning

      Actual result

      Warning

      Exact text of any error message(s) that appear

      See attachment...

      Workaround

      None, people just have to ignore the giant red warning that is scaring them into calling the helpdesk....

      Screen_Shot_2015-06-09_at_6.55.21_PM.png

        • 1. Re: Webdirect does not read certificate properly
          TSGal

          Yadin:

          Thank you for your post.

          Is the FileMaker Server 14 installation on a single machine or two machines?  If two machines, make sure you install the certificate on both machines.

          Do you have “List only the databases each user is authorized to access” option turned on or off?

          Be sure to also install the FileMaker Server 14.0.2 update.

          TSGal
          FileMaker, Inc.

          • 2. Re: Webdirect does not read certificate properly
            Yadin

            Installation is a single machine.

            The option to list only database authorized is on.

            Once you authenticate to see said databases, you see them along with the posted big red warning.

            I did not see mention in the release notes that 14.0.2 addresses this, or actually anything other than a license issue which we were not seeing, but I can apply that if it will resolve this (though being such a significant issue I would expect that to be mentioned in the notes).

            • 3. Re: Webdirect does not read certificate properly
              TSGal

              Yadin:

              First, FileMaker Server 14.0.2 only addresses a License Key conflict.  Although you are not currently getting this error, if it does occur, you will know the reason.

              Since FileMaker Server is seeing the FileMaker default certificate, what steps did you take to install the Comodo certificate?  Did you use the Admin Console (Database Server -> Security tab -> Import Certificate), or did you use the command line interface CERTIFICATE command?

              TSGal
              FileMaker, Inc.

              • 4. Re: Webdirect does not read certificate properly
                Yadin

                Per documentation, I used the command line.  While I saw the Import option in the UI, it is not mentioned in the documentation, and support indicated it should be done by CLI.

                • 5. Re: Webdirect does not read certificate properly
                  TSGal

                  Yadin:

                  Thanks for the information.

                  The import option is definitely mentioned in the documentation.  At the bottom of page 69 of the FileMaker Server 14 Getting Started Guide, it says:

                  "If you obtain a custom SSL certificate without using the CLI certificate command, you can import the certificate using Admin Console. On the Database Server > Security tab, click Import Certificate."

                  https://fmhelp.filemaker.com/docs/14/en/fms14_getting_started.pdf

                  Since you used the command line interface, verify that you followed the exact steps in the Getting Started Guide starting on page 69. If the issue still occurs, then I would suggest uninstalling and reinstalling FileMaker Server 14, and use the Import Certificate option.

                  TSGal
                  FileMaker, Inc.

                  • 6. Re: Webdirect does not read certificate properly
                    Yadin

                    So this would seem to be another serious reliability issue in the product, which is why I put this in as a bug report, which means this needs to be fixed at the development side.  The number of these problems that result in the advice of reinstall the server and try again are frankly absurd.  That kind of approach squarely indicates this is not a reliable business solution, as you simply can not randomly take a service offline and reinstall it constantly when something doesn't work properly.  I have over 100 users depending on this system for daily business, and this week has been a disaster because v14 has proven to be unreliable at every turn.  I am disinclined to randomly try taking it offline and starting from scratch when you're making no guarantee this will work as the stability issue seems to not be understood in the first place.  Please advise when the issue has been fixed, or better yet stop trying to do your own internal redundant SSL and simply allow the webserver to do the job normally like every other web based product, and like you used to do in the past.

                    • 7. Re: Webdirect does not read certificate properly
                      TSGal

                      Yadin:

                      If FileMaker Server and supported certificate are installed correctly, it will work.  We have several machines set up here with supported certificates, including Comodo Elite SSL certificate.  I can understand if you don't want to take your server offline.  Therefore, it would probably be best to speak directly with a Support Technician, as she/he can walk you through the reinstallation of your certificate, and if an error appears during a certain step, then she/he knows what to look for in your system.  If you are located in North America, call toll-free 800-325-2747.  If outside North America, contact the FileMaker office nearest you.

                      TSGal
                      FileMaker, Inc.