I believe this is the procedure we've been using since v15 was released (this is using a wildcard certificate, but I don't believe that should affect anything and references below are for Windows, hence 'Notepad', 'Program Files', etc AND please remember we don't have permissions issues on Windows, if you're a Mac user, you may wish to wait for someone else to post):
We've generated our certificate using the vendor's online CSR generation tool
Copy the certificate request (CSR) text into Notepad and save as serverRequest.pem
Copy the Private Server Key text into Notepad and save as serverKey.pem
Copy the Web Server Certificate into Notepad and save as a .cer file, call it Server Certificate.cer
Copy the Intermediate Certificate into Notepad and save as a .cer file, call it Intermediate Certificate.cer
Backup your current cStore certificate related files
Copy to Program Files\FileMaker\FileMaker Server\CStore\
Copy the Server Certificate.cer and Intermediate Certificate.cer files to Documents or similar
(if following already setup, skip to 'Import Certificate' below)
In Server Admin, click Database Server
Restrict access to databases per user
Select 'List only the databases each user is authorised to access'
Click 'Use SSL for database connections'
Click 'Use SSL for progressive downloading'
Ignore restart server messages, as we'll be doing this shortly
Click 'Import Certificate'
Signed Certificate File
Select 'Server Certificate.cer' from 'Documents'
'Intermediate Certificate File'
Select 'Intermediate Certificate.cer '
Private Key File:
Navigate to Program Files\FileMaker\FileMaker Server\CStore\serverKey.pem
Private Key Password:
Usually left blank
A red 'Certificate imported successfully' should appear
We restart the complete server to fulfil FileMaker Server restart requirements, but should be able to just restart FMS
When restarted, log into the admin console using:
View the certificate, which should be valid
Perhaps not the most official way to do it, but it has helped us use the same certificates across different servers and between IIS and FileMaker Server Master and Worker servers in a 2-server deployment and a convenient way to update the current certificate.
Hope this helps