olafseifert

How to implement existing SSL certificate in FMS 13 environment

Discussion created by olafseifert on Jun 19, 2014
Latest reply on Apr 7, 2015 by ch0c0halic

This is how I implemented an existing Thawte SSL 123 Domain Validation certificate into our FileMaker Server 13 environment:

 

  1. Determine if the certificate "nameOfCertificate.cer" and the private key "nameOfPrivateKey.key" are in PEM-format. When you are able to open them in TextEdit and they start with „—— BEGIN …“, they are in PEM-format. Otherwise they have to be converted in Terminal with the openssl command.
  2. Duplicate the private key file "nameOfPrivateKey.key" .
  3. Rename the duplicate of the private key file to „serverKey.pem
  4. Move „serverKey.pem“ to /Library/FileMaker Server/CStore
  5. In Terminal run the command
    fmsadmin certificate import /Path/To/Certificate/nameOfCertificate.cer
    At /Library/FileMaker Server/CStore a file „serverCustom.pem“ is generated - this is the FMS 13’s new certificate file
  6. Check owner/group/permissions of new files in /Library/FileMaker Server/CStore, inherit as appropriate from enclosing folder …/CStore.
  7. Restart the machine
  8. Start the FMS 13 Deployment assistant (Just to be sure, all the config files will be updated correctly)

 

 

About point 6:

When I first restarted the machine without correcting the permissions (all have to be in ownership of user fmserver), FMS 13 did not come up. In Console I got an error in syslog:

localhost com.apple.launchd[1] (com.filemaker.fms[66]): getpwnam("fmserver") failed

 

You may start FMS 13 manually using this Terminal command:

sudo launchctl start com.filemaker.fms

 

After correcting the privileges and another reboot of the computer, FMS 13 came up again.

 

Maybe this summary can be helpful for someone.

 

 

Best regards,

Olaf

Outcomes