I did not have luck with the wizard. Did it via CLI. Same 2012R2 server, same GD standard certificate.
Are pasting in the proper parts of the cert request at Godaddy?
Did you get single standard or UCC standard?
The request was accepted without errors in the GoDaddy site.
After few minutes and with a progress graphic showing the process, the site announce the certificate generation with a dowload link.
The resulted compressed file contains the intermediary certificate and the SSL certificate.
The import is performed on the server in the same tab used to issue the request.
There are specific places to put the three files (both certificates and the serverKey.pem that have embedded the password that needs to be entered to complete the process).
The error appears immediately after make click on the import button.
The certificate in question is the Single Standard (listed with a cost of $69 per year).
Filemaker does not indicate the UCC in the list of recommended certificates. They just say "Standard SSL".
I will try to generate the request and import the cert using the command line to see if imports correctly and will post the result.
I generated the request by CLI and then manually placed the files in the proper directory. The FMS admin panel saw the cert after logging out and back in.
Question for you: Were you trying to install it via a remote Admin console (your Mac or physical computer) or a local to the AWS machine Admin console?
I was having the exact same problem as you with the same error moving from a MacMini to AWS. I re-keyed the SSL twice to ensure I hadn't missed something. Heck, I couldn't even get the command line to work. However, while on hold on my third call to FileMaker, I found this thread. The tech said it shouldn't make any difference, but it absolutely does.
Perhaps it's importing the serverKey directly from the machine or something. I don't know the technical reasons, but running a http://localhost:16001/admin-console on the AWS web browser installed it like a piece of freaking cake. Zero problems.
How about some swag, FileMaker? That was only three hours of my life!
1 of 1 people found this helpful
Interesting. I did mine through RDS (localhost).
Is this a wildcard cert of just a single machine cert?
Fabian, wimdecorte & Others,
We'd like to understand the issues you're experiencing to make this process as smooth as possible.
As this thread alluded to, you can combine the intermediate, cert then private key into a single serverCustom.pem file and place it into the CSTORE then restart FileMaker Server. If server doesn't start you may have an issue with the certificate, permissions(OS X) or formatting of the chain. Remove serverCustom.pem from the CSTORE and restart server, it will restore working order with the default certificate.
OpenSSL on OS X can be used to verify the certificate against our certified and root.pem(CA Store) by using the OpenSSL verify command within terminal. Read more about using OpenSSL verify here: OpenSSL
I stress, everyone who does workarounds. Help us understand why it's needed. The steps you followed, along with the intermediate and certificate would be extremely helpful. We will do our part to try and narrow down the potential issues. DO NOT POST/SHARE YOUR PRIVATE KEY HERE OR ANYWHERE ELSE.
When you have a certificate failing import you've received signed back from the CA vendor. Check to ensure the format of the file (pem) and for any extra leading or trailing carriage returns. Also if the world trusted exists between begin or end certificate. I'm unsure if these could be a problem(s) or not, just variables to check for.
Thanks for your support,
My installation is performed via Remote Desktop (MS RDP) on the server console opened in the local browser.
I was pretty busy to attempt the clip, I will try it this weekend.
Wow, super excited to see an official post from you, James Quiggins!! It's been a long time!!
For those of you who don't know James Quiggins, he is one of the top tech support people at FileMaker Inc.
I can't even count the number of times that James has helped me in the past solve seemingly-impossible problems. James worked tirelessly around the clock until he could solve a number of different bugs & problems that I reported in the past. James is amazing, and now that he's on this thread, I bet it will be solved in no time!!
The other technical support people on these forums are great too (TSGal, TSWildcat, TSFalcon), but I have extensive personal experience with James accomplishing the absolute impossible for me!
Although I've been developing FM solutions since the Claris days, I'm certainly no expert at SSL certs. However, I had purchased one from GoDaddy a while back and had to rekey it as I changed our MacMini server to a supercool MacPro and installed FMServer 15 at the same time. FMServer 15 makes importing SSL certs a lot easier but, it still took a bit of messing around (again I'm no expert) but I did finally got the green check flag indicating success when connecting from FM clients or FMGo (ODBC doesn't really confirm a secure connection in the JMP stats application I use) BUT, when trying to connect via WebDirect (using the https://myserver/fmi/webd URL), it always gives an error and indicates that the default Filemaker SSL cert is being used. If I elect to trust it, I get through, but that isn't the point. The server is behind a firewall but I have opened the requisite ports and I can get through, but even when I go to the server's web site, I again get the default certificate even when using the domain name address, not the IP address. This isn't really an answer to your question, but perhaps someone could indicate why I'm only partially successful?
Seems rebooting the server and toggling Webdirect off and then on (something I had done originally) eventually did the trick.
I tried to import a standard Go Daddy cert today via that FMS15 wizard and am getting the same result as Fabian.
Reading this post, my situation seems exactly the same.
Hey FileMaker, is there any trick to get this wizard to work, or do I need to explore the workarounds posted here?
Are you running the Admin console on your local machine or via a web browser on the server itself?
I had all kinds of issues until I ran it in Chrome on the webserver itself via RDP. Then, it worked like a charm.
I'm running the admin console in IE11 on the webserver itself, via RDP.
I'll install Chrome on the server and try that.