2 Replies Latest reply on Mar 24, 2015 2:32 PM by disabled_ntaylor

    GoDaddy Certificate not working

    jcooper

      Title

      GoDaddy Certificate not working

      Your post

      Hi,

      Recently upgraded to FMS13 from 12.  Ever since have had major problems with our SSL Certificate.  Finally thought we had it licked, but it's still not working.  Per the documentation, we purchased a plain single-use certificate for FMS since apparently wildcard and multiple domain certs we had are useless with FMS, and we specifically chose the older SHA-1.  We have a signed certificate. We also have an intermediate bundle. We tried importing the certificate but visitors get an error sec_error_revoked_certificate which looks like a revocation but I HAVE the certificate and godaddy says it's ok.  We tried copying and pasting the cert with the bundle and importing that, and it still doesn't work.

      Also attempted to start fro scratch, removed serverkey.pem and serverrequest.pem from CSTORE and ran fmsadmin create domain.com and got "failed to create new certificate request file ... internal error (-1)."

      Does anyone else run an encrypted FMS based site and does it actually work?  And what specifically did you do?  Sorry to be testy but we have no employment application site at the moment. ugh.

      Thanks,

      Jeff

        • 1. Re: GoDaddy Certificate not working
          jcooper

          The "failed to create" was a permissions error. Somehow CSTORE was set to read only for fmsadmin group.

          I finally got it working by regenerating a new key, resubmitting to godaddy, getting a new cert and importing it.  THEN restarting.  Not just the FMS Service, but the whole bleeping box.  Is it me, or should servers only need to be recycled in case of crisis or crash?

          I didn't see anywhere in the fms13_help or Gettting_Started docs that a reboot of the server itself is required to apply changes to certificates.  Must've been in the same paragraph that tells us FMS understands SHA-1.  OK, testiness and snarkiness over now. But I can't be only one frustrated by the documentation or lack thereof.

          Thanks,

          Jeff

          • 2. Re: GoDaddy Certificate not working

            jscooper:

             

            Thank you for the post.

             

            I’m glad you were able to solve the issue. 

             

            For others who may encounter this thread, the fmsadmin group is read-only by default. Instead of changing the groups permissions, running the command as sudo would produce the same result. 

             

            “I didn't see anywhere in the fms13_help or Gettting_Started docs that a reboot of the server itself is required to apply changes to certificates.”

             

            We are always trying to improve our documentation; however, page 71 of the FileMaker Server 13 Help guide in reference to “Require secure connections” states:

             

            “Note: If you change this setting, you must restart the Database Server again for the change to take effect. See Starting or stopping FileMaker Server components.”

             

            TSFalcon

            FileMaker, Inc.