At first: I really hate to have to come here and ask for help in a topic with hundreds of entries, but I am failing all along and I spent 10+ hours divided on 5+ "lets try it again today" sessions.
First few hours where:
Fail, Research, Reissue, Fail, Research, Reissue, Reissue, Reissue, ---
I turned out that godaddy.com also sells "starfield" certificates (of which I had one)- so first thing to every newbie out there going with godaddy: godaddy is not equal to godaddy. Best you can get with that one is "marked as trusted".
By saying you can use go daddy they actually not mean a certificate from the site godaddy.com, but a certificate from godaddy on the godaddy site. And yes you have to figure that out on your own!
Back to my issue:
I had a green lock for 10 days now. Achieving the green lock was like heaven.. It turned orange again two days ago and ever since I don't find any issues or any potential error I might have done.
I did not change anything in my setup.
What I already tried:
I did follow the exact steps.
I did put the exact FQDN in my "Host" Input Field.
I have an A-Type Entry for my Domain Name. (I also have a * and an empty Entry - can this cause any issues?)
I have tried using those certificates like go daddy brings them, which worked fine (for 10 days).
I have tried renaming them from "gd_bundle-g2-g1.crt" and "someRandomChars.crt" to "chain.pem" and "myDomainName.crt" as suggested here: FileMakerPKB
Filemaker Support suggested to double check the intermediate certificate "syntax". But what should I check here ? Looks the same all the time. 3 certifcates concatenated.
I got the feedback (under the lock icon), that I have a name mismatch. Which I don't.
no www. no other subdomain involved.
I even tried deleting every associated certificate in my keychain. This helped in a way that now it is "valid" (green checkbox sign when I open it) again but still the lock is orange.
Ah and there is one thing I have to mention which I don't get my head around:
in my browser I find the certificate issued by "Starfield Secure Certificate Authority - G2"
in my solution it is issued by "Go Daddy Secure Certificate Authority - G2"
Is there some brute force reset needed ? This seems to be a relict from back then.
I am running out of ideas and threads to read.
Is there one more thing to try ? Please tell me
And one more thing: How can I be sure it works and doesn't turn back to orange again in 2 weeks ?
Thanks a lot in advance- a lot of questions I know