1 Reply Latest reply on Apr 4, 2017 11:59 AM by TSGal

    FMCloud does not recognise Subject Alternate Names on SSL certificate.

    Jonathan Jeffery

      Product and version FM Cloud, v1.15.1.35

      OS and version N/A

      Hardware T2.small

      Description

      I have a server with an SSL certificate installed (a GoDaddy 'Standard SSL' certificate, supported by FMS 15, although the support page on SSL certificates in FMCloud is incredibly vague: Configuring security for FileMaker Cloud | FileMaker)

       

      As expected, I received an e-mail requesting that I add a CNAME record on my DNS, directing my preferred server name to the FMCloud persistent name (e.g "fc-224-170-33-1475102152.fmi.fiemaker-cloud.com"), because the IP address of the AWS instance can change after updating the server configuration.

       

      I have done so, but I wish to use one of the names defined on the SSL certificate's Subject Alternate Name (SAN) list -- this is a basic function of SSL certificates, as defined by IETF RFC 5280.

       

      However, the e-mail requests for me to add a CNAME record have continued, even though the CNAME record works perfectly (I can access the console, and FMPA15 reports a secure link when connecting to a database, when using the SAN url).

       

      How to replicate

      Install a certificate, but use a SAN name for your CNAME record.

       

      Workaround (if any)

      None.