1 of 1 people found this helpful
The following knowledge base article includes some documentation for installing an SSL certificate with FileMaker Cloud. However, the section on renewing the trial Comodo SSL certificate is not quite as simple as it seems.
The following article from Comodo gives additional information on generating a CSR using OpenSSL. This appears to be a required step for either renewing the trial Comodo certificate or purchasing a new certificate.
3 of 3 people found this helpful
After a bit of trial and error, I was finally able to "renew" the Comodo certificate on one of our FileMaker Cloud instances. At this point, my advice is to just wait until your trial certificate is closer to its expiration and hope that either the process is improved before then or that at least some more complete official documentation is available.
If you don't want to wait, here's the general process I went through:
- Generated a CSR on my Mac using the command: openssl req -nodes -newkey rsa:2048 -keyout mydomain.key -out mydomain.csr
- Clicked on "Renew Comodo Certificate" on the SSL Certificates tab in the FileMaker Cloud console, which took me to a form at comodo.com.
- Completed the multi-page form and paid $99.95 for one year.
- Validated the domain using the HTTPS-based DCV method described here: https://support.comodo.com/index.php?/Default/Knowledgebase/Article/View/791/16/alternative-methods-of-domain-control-validation-dcv WARNING: This requires SSH access to your FileMaker Cloud server. That's why I said in the first paragraph that you should probably just wait.
- Received the cert (along with root and intermediate certs) via email within a few minutes.
- Concatenated the cert and the two intermediate certs into one file and then imported that file and the mydomain.key file (from step 1) via the "import it" link on the SSL Certificates tab in the FileMaker Cloud console.
- FileMaker Cloud restarted (NOTE: the restart message indicated I should wait until I received an email, but I did not receive an email message.)
- Connected via FileMaker Pro, FileMaker WebDirect, and the FileMaker Cloud console and verified that each showed the newly installed cert.
3 of 3 people found this helpful
Just following up on my previous post in case anyone is following. Since using the *.fmi.filemaker-cloud.com domain is not supported past 90 days, here's the approach we're using to make managing FileMaker Cloud instances for our clients easier:
- We registered a domain name (like mydomain.com) and purchased a wildcard SSL cert for that domain.
- When we set up a FileMaker Cloud instance, we create a CNAME entry for that instance (like customer.mydomain.com) that points to the FQDN (like fc-asdfasd1-20170127-192314.fmi.filemaker-cloud.com).
- We import our SSL cert via the FileMaker Cloud admin console and change the host name when prompted.
- The instance reboots and we test connections from FMP, FMG, FMWD, and the FMC console.
- After the initial set up, we never use mydomain.fmi.filemaker-cloud.com or the default SSL cert.
Many thanks for this Greg. We plan to go the same route of using a wildcard certificate for a generic domain and it's good to know what the process is for this and that it's working for you.
KB 16125 recently got a significant update with a lot more details. If you’re trying to set up an SSL cert for FileMaker Cloud, definitely read that article:
Unfortunately, the article indicates that Comodo is now the only SSL cert supported in FileMaker Cloud. If you’re using another vendor, be sure to test thoroughly with all of the different types of clients and browsers that might access your solution. We’re still using a DigiCert wildcard cert but we’ve had to work around a container field download issue. The changes in the KB article suggest we may not see an official fix for that any time soon.