4 Replies Latest reply on Dec 2, 2011 5:12 PM by oliver

    MySQL data tunnel through FMS with SSL turn on


      Hello Filemaker guys,


      I am working on a project required to access MySQL data via a fp7 file hosted on FMS through internet.

      My concern here is with SSL turn on from FMS. I understand the data transfer between host and client should have been encrypted.


      Would this apply to the MySQL data as well? My assumption is that MySQL data is proxy through the FMS and should be fine.


      May I be wrong?


      Just some more information, both MySQL and FMS are hosted on the same server. Using FMP to access the remote fp7 file with MySQL data source






        • 1. Re: MySQL data tunnel through FMS with SSL turn on

          Hi Oliver,


          How are you communicating with MySQL.

          • Is FileMaker accessing MySQL via ESS
          • Is FileMaker accessing MySQL via SQL queries
          • Is MySQL accessing FileMaker Server via ODBC
          • Is MySQL accessing FileMaker via some http requests (xml, php or otherwise?)


          FileMaker SSL handles the communication between FileMaker Server and FileMaker clients (FMP, FMPA, WPE ... anything I forget?).


          If you use other components like Apache or IIS the communication from "outside" to this component must be handled by lets say Apache.


          Please explain how the FMS<->MySQL communication is handled and I or somebody else can probably give an answer.

          And please also write about software versions, platforma and involved components.

          • 2. Re: MySQL data tunnel through FMS with SSL turn on

            Thanks Carsten,


            We are using Filemaker Server 10 here to host the fp7 file. MySQL server and the Filemaker Server are hosting in the same box. The connection between fp7 and MySQL is via ODBC connection. The setting is via the "Managing External Data Sources".


            User opens the fp7 file remotely to the filemaker server through the Filemaker Server.






            • 3. Re: MySQL data tunnel through FMS with SSL turn on

              If I am understanding it correct you are concerned about the communication between MySQL and FileMaker via ODBC on the same computer.

              This seems logical, since the network is involved even though it is on one computer.

              You have to ensure that the part that is outside FileMaker is protected. This has to be done by someone who knows about protecting ... the X (platform) and ODBC connectivity on X (Platform).


              If the computer is placed behind a FireWall and is well protected, then I would like to know a little bit more about your concerns.

              • How can your solution(s) be accessed by users (via MySQL, via FileMaker, via www or other)?
              • What is it you want to protect (data in FileMaker, Data in MySQL, Data in the networkstream between the two, access to FileMaker Server via ODBC) or other?
              • Who [types of users] do you want to protect against (and where are they situated, do they have some access to your network, do they have access to the FileMaker solution, do they have acces to the MySQL solution.
              • What platform is it on.


              As Steven Blackwell and other will also explain, security is not a generalistic issue but a very specific case by case issue.

              And you have to deside on a level of security fitting to your business rules and processes. And then you can follow up by securing that each part of the data-chain is protected to that level. That is the reaseon for my questins to you.


              And ... this is maybe the most important point: Just answering those questions to me and others will probably make the issue much clearer for you ... even though you have to live with my peculiar Skandlish spelling and grammar.


              Best regards



              • 4. Re: MySQL data tunnel through FMS with SSL turn on



                Thank you for your help indeed.


                You have pointed me the right direction on this. I actually have overlooked some of my setup here.


                MySQL and Filemaker server are both placed behind the firewall. Only the FMS port are openned to allow users to access the fp7 file remotely using FMP through internet.


                So, it should be pretty safe.


                All the questions you rasised are very helpful on ensuring the solution setup are well proetected.



                All best,