Jonathan Jeffery

FMCloud does not recognise Subject Alternate Names on SSL certificate.

Discussion created by Jonathan Jeffery on Mar 22, 2017
Latest reply on Apr 4, 2017 by TSGal

Product and version FM Cloud, v1.15.1.35

OS and version N/A

Hardware T2.small

Description

I have a server with an SSL certificate installed (a GoDaddy 'Standard SSL' certificate, supported by FMS 15, although the support page on SSL certificates in FMCloud is incredibly vague: Configuring security for FileMaker Cloud | FileMaker)

 

As expected, I received an e-mail requesting that I add a CNAME record on my DNS, directing my preferred server name to the FMCloud persistent name (e.g "fc-224-170-33-1475102152.fmi.fiemaker-cloud.com"), because the IP address of the AWS instance can change after updating the server configuration.

 

I have done so, but I wish to use one of the names defined on the SSL certificate's Subject Alternate Name (SAN) list -- this is a basic function of SSL certificates, as defined by IETF RFC 5280.

 

However, the e-mail requests for me to add a CNAME record have continued, even though the CNAME record works perfectly (I can access the console, and FMPA15 reports a secure link when connecting to a database, when using the SAN url).

 

How to replicate

Install a certificate, but use a SAN name for your CNAME record.

 

Workaround (if any)

None.

Outcomes