5 Replies Latest reply on Apr 9, 2017 5:06 PM by CarlSchwarz

    New certificate does not work…

    bkaisin

      Hello,

      I bought one of the FM recommended CA certificate (Go Daddy).

      I have to installed it under OSX (10.10.5 -> Yosemite) on FMS 14.

      I received 2 files: 417577e4a37a3b93.crt and gdig2_bundle.crt

      In Filemaker server under the button to import a certificate, the dialog ask me to import a Signed certificate file and a Private key file and also ask me a Private Key password.

      How do I know wich is the right file and what is the Private Key password?

       

      Can't find on FM.com or other places my answers.

      Thanks

      Ben

        • 1. Re: New certificate does not work…
          Johan Hedman

          The Privat key is the password you entered when creating your certificate

           

          Here is good information about using Certificates on FileMaker Server

          Configuring security for FileMaker Server 14 and earlier | FileMaker

          1 of 1 people found this helpful
          • 2. Re: New certificate does not work…
            wimdecorte

            The .crt with the funny name is the one to import, "gdig2_bundle.crt" is the intermediate certificate.  The private key file is the ServerKey.pem that you created with the request and the password is what you set when you created the request.

            1 of 1 people found this helpful
            • 3. Re: New certificate does not work…
              bkaisin

              Thanks for your answers,

               

              I re-started from scratch and it does not work better

              Here are the steps I have done

              FMS runs on OSX

               

              1) In the terminal I wrote

              fmsadmin certificate create  +  my website.com

               

              2) I sent ServerRequest.pem to my CA authority (GO Daddy)

               

              3) Change the permission for the CStore folder for me (Admin -> r w)

               

              4) I put the certificate I received (from Go Daddy) in the CStore folder

               

              5) In the terminal I wrote

              fmsadmin certificate import /Library/FileMaker\ Server/CStore/741e0e61c7c2c629.crt

               

              6) I checked the SSL box in FMS

               

              7) I restart the Server (Actually I restarted the Mac)

               

              There is no paddlock icon in the FM user file (down left).

              Any idea?

               

              Thanks

              • 4. Re: New certificate does not work…
                wimdecorte

                bkaisin wrote:

                 

                 

                 

                3) Change the permission for the CStore folder for me (Admin -> r w)

                 

                4) I put the certificate I received (from Go Daddy) in the CStore folder

                 

                 

                 

                Don't do these two.  Save the crt file anywhere but the Cstore folder and do not change rights on that folder.  If you don't know what the original rights were you may have to reinstall FMS.

                 

                The fmsadmin CLI import command will take the crt from where you put it and will install it into the FMS cstore folder and will set the OS rights properly.

                • 5. Re: New certificate does not work…
                  CarlSchwarz

                  You want the smallest of the two certificate files that came from GoDaddy, and also the ServerKey.Pem file that is in the CStore directory and the password that you used in the beginning to create the serverrequest file.

                   

                  Put those files in the top two boxes, put the password in the bottom box and leave the intermediate certificate file empty.

                   

                  What version of the certificate files did you download?  I know that "Other" works