You might want to check you some old instructions in a previous discussion at: Re: FMS 13 Inexpensive SSL Certificate for Mac Development Machine
Note that this was for FMS 13 and a type of Comodo SSL certificate which will not work with FMS 14. But the instructions are still good. But note in the instructions on the path names which are paths to where you save the intermediate certificate txt file on your hard drive. So there is not an exact location, it depends on where you saved it (e.g., Desktop, Documents folder, or maybe downloads). For example, the downloads folder would be /Users/[username]/Downloads/ and you substitute your account user name in.
See if those instructions help you out. Remember you can use the sudo instead of the permissions changing since that is usually easier.
Thanks for your post Mr. Sharpe. I read through your thread and and the only differences that i have come across are that i don't receive a .crt certificate file from the Geotrust CA, and that I'm using their free trial to figure all this out (one person said they used the same cert and it worked. maybe FMI doesn't support it anymore...).
I'm still running into the password problem...........
If you use the fmsadmin certificate command to create your CSR there is no password involved at all.
I'm curious, where did you get this syntax from:
- sudo fmsadmin certificate import [pathname] --keyfile [pathname] --keyfilepass [_?_?_?_]
This is from the FileMaker 14 Server getting started guide (https://fmhelp.filemaker.com/docs/14/en/fms14_getting_started.pdf):
fmsadmin certificate create "/CN=ets-srvr.filemaker.com/O=FileMaker DBS Test/C=US/ST=California/L=Santa Clara"
After you get the file from GeoTrust, you want to run fmsadmin certificate import C:\my_certificate.crt
You don't need to place the intermediate file in the CStore folder, but you may need to install it on your server.
The GeoTrust Quick SSL Premium free trial does work (I've used it on FileMaker server 14). What you want is probably in the email they sent you:
1. INSTALL CERTIFICATE:
Install the X.509 version of your certificate included at the end of this e-mail.
For installation instructions for your SSL Certificate, go to:
The "Web Server Certificate" is included as text in the email. You should copy this, place it in a file and save it as a .crt file. This is the file you import.
tcfitzgerald: The CStore folder does not have permissions allowing the user to write the certificate. So you have to solve the permissions problem. You can change folder permissions or you can sudo command to give root authorization to the "fmsadmin certificate important" command.
I know what sudo is...but this: [pathname] --keyfile [pathname] --keyfilepass [_?_?_?_] does not appear in the FileMaker documentation, as far as I can tell. Where is the OP getting this from?
I see. That command is for FileMaker 13, not 14. Also, it only applies if you've used an alternate means of generating your CSR (e.g. IIS, OpenSSL, etc.), not if you used the fmsadmin certificate create command:
NOTE: If you request a CSR using fmsadmin in the Command Line, you must also import that certificate from the Command Line using fmsadmin
Maybe you will find this video useful: FileMaker 14 Videos | FileMaker SSL Certificate Network Encryption Security - YouTube
SSL Installation with Read & Write permissions and without Syntax errors. (on a Mac)
Upon installing your server, goto the Filemaker Server Folder, then the CStore folder.
"Right-click" the CStore folder, select 'Get Info'
Under Sharing & Permissions, add your administrator profile. This is the profile that has "(Me)" at the end of the profile name, not the "Admin" profile.
Empty the CStore folder.
Generate the Certificate Signing Request, serverRequest.pem & serverKey.pem files will be created in the CStore folder.
Send your CSR to your Certificate Authority, and the signed certificate will be returned, and should have the intermediate certificate sent with it. Copy each certificate and create plain text files(Intermediate.txt & signedCertificate.txt), place them in an ideal location (I used the CStore folder).
Open your Command line window next to a Finder window (with the CStore folder open).
Enter the import command, and Drag&Drop the signedCertificate.txt file on the Command Line interface. This will put in the correct filepath with no syntax errors.
Enter the password for your (Me)-profile and your serverCustom.pem file will be created in the CStore folder.
Set your server for the SSL connections and Restart your server and machine.
A lot of Trial & Error, talking to experts, multiple certificate reissues, and determination. This should save someone else a huge headache.