UCC/SAN certs can do multiple domains on the same server. Never tried one with FMS though.
In my experience the SSL list from FMI is pretty vague and noone at FM seems to know anything about what certificates will actually work. I think a standard GD UCC would be compatible.
3 of 3 people found this helpful
I did not use the FileMaker Server interface to create a CSR. Instead I just used my webserver's certificate and imported that in the FMS console. I have 4 domains tied to that certificate and it works like a charm, including on Go and WD.
So you do not have to use the FMS-interface to create a CSR. Instead you could use you CA's web interface to create one. There are ton's websites where you can generate a multi domain CSR ( SAN-CSR), an example is: https://certificatetools.com info on that tool is on this blogpost but there ar lots of other good ones. My personal favourite at this moment is Lets Encrypt, where I use these instructions and these on certbot for the automatic generation of CSRs, KEYs and Certificates.
Maybe a but much information, but it works fine for me, so I hope this helps you.
Thank you, Menno.
I will test this, and see what happens. It may take some time, because my client is just beginning the discussion of what they want, but I'll post the results when I know. (It will get interesting because they are running separate web and email servers and now, we'll be adding the FileMaker Server to the mix. Right now, they don't have anything but self-signed certificates in use.)
I was under the assumption that FileMaker Server had to generate the CSR for it to work, but since that's not the case, this sounds as though it will meet their needs.
1 of 1 people found this helpful
Are you saying you are using a cert from Lets Encrypt with FM Server? I would be surprised if it is completely supported unless it is also listed in FM Server's supported root certificate authorities, regardless if it installs correctly. Would like to know if it is tho.
Yes I am using lets encrypt on my fm server and have green locks indicating the ssl-connections works. I have not implemented automatic generation and renewals of the certificate on my fm server. I use a separate webserver that does that for me in the same network. Just this week I installed the renewed certificates. I run fm server on windows server 2012, my webserver is an ubuntu 14.04
To be clear, Menno, you're successfully hosting multiple domains to the same FM Server all with valid SSL validation like this…???
HTTPS:// DomainOne.com > X.1.1.1/fmi/webd#FMS1.fmp12
HTTPS:// DomainTwo.com > X.1.1.1/fmi/webd#FMS2.fmp12
HTTPS:// DomainThree.com > X.1.1.1/fmi/webd#FMS3.fmp12
HTTPS:// DomainFour.com > X.1.1.1/fmi/webd#FMS4.fmp12
Are you running a DNS Server on your local network to redirect HTTPS traffic or otherwise translate/map domains to respective fmp12?
I am pretty sure this is how it will work. I might find time to test a multi domain certificate in a day or so if there is no reply. I know others have successfully used Wildcard SSL certs to secure multiple sub domains on one FM server. I believe the Wildcard can also work with the same certificate on multiple servers.