Product and version: FileMaker Cloud 220.127.116.11
When a DigiCert SSL cert is installed, FileMaker WebDirect users are unable to download container field data via a button using the Export Field Contents script step. No dialogs are displayed but the file download fails and the following error can be found in fmshelper.log:
Feb 15, 2017 3:31:03 PM com.vaadin.server.ConnectorResourceHandler error
WARNING: Ignoring connector request for no-existent connector 343 in root 0
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
Further investigation found that the fmcacerts keystore file (which is used by Java/Tomcat) does not include DigiCert.
How to replicate:
- Create a FileMaker Cloud instance and install a DigiCert SSL cert (we used a wildcard cert).
- Host a database with a container field and a button with the script step Export Field Contents.
- Open the database via FileMaker WebDirect and click the button. A dialog will display allowing you to name the file but then clicking the button to download the file does nothing.
- The fmshelper.log will show an error as indicated above.
Workaround (if any):
Manually importing the DigiCert root cert into the fmcacerts file via keytool and then restarting tomcat fixes this issue.