greglane

FileMaker WebDirect users are not able to download container field contents from FileMaker Cloud with a DigiCert SSL certificate.

Discussion created by greglane on Feb 15, 2017
Latest reply on Oct 26, 2017 by TSGal

Product and version: FileMaker Cloud 1.15.0.194

 

Description:

When a DigiCert SSL cert is installed, FileMaker WebDirect users are unable to download container field data via a button using the Export Field Contents script step. No dialogs are displayed but the file download fails and the following error can be found in fmshelper.log:

 

Feb 15, 2017 3:31:03 PM com.vaadin.server.ConnectorResourceHandler error

WARNING: Ignoring connector request for no-existent connector 343 in root 0

javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

 

Further investigation found that the fmcacerts keystore file (which is used by Java/Tomcat) does not include DigiCert.

 

How to replicate:

  • Create a FileMaker Cloud instance and install a DigiCert SSL cert (we used a wildcard cert).
  • Host a database with a container field and a button with the script step Export Field Contents.
  • Open the database via FileMaker WebDirect and click the button. A dialog will display allowing you to name the file but then clicking the button to download the file does nothing.
  • The fmshelper.log will show an error as indicated above.

 

Workaround (if any):

 

Manually importing the DigiCert root cert into the fmcacerts file via keytool and then restarting tomcat fixes this issue.

Outcomes