I'll add a note to this:
Makes SURE you are getting an SHA1 type certificate. If you request a Certificate from GoDaddy that is for more than 2 years, you will automitically get an SHA2 type certificate. This will SEEM to work, but you will have problems after rebooting the server, and you may experience random disconnects from your client machines, especially Macs.
thanks for your note. Luckily, our certificate is of type SHA-1.
Is there any way to use an sha-2 certificate with webdirect? Chrome will start to warn users about sha-1 certificates beginning in November, and I know we will get lots of questions about it...
In regard of the newest FM-update to 13v9: Is there any way to implement a certificate from a non-supported certificate authority like https://www.startcom.org/ ? Or even a self-signed certificate?
( I understand that that would be less secure compared to a recommended authority, but if one needs only guarantee from oneselves that the website/fm-server is ones own server it would bestill as secure as a certificate from a supported authority, isn't it? )
My understanding is an unsupported Certificate either won't install or won't be used by FMS even if it does install. My experience is the certificate won't validate so it won't be used. You won't get that pretty green lock indicating SSL is fully functional.
As a side note; the certificate must be created using the DNS name of the FMS computer. If you then use the IP address the cert won't validate and the lock won't turn green. Same with a short name instead of the full DNS.
For example if the certificate is created with
Then these won't validate and will not give you a green lock. (Ns are placeholders for the IP numbers)
You can buy a certificate with more than one name. It is not advisable to include an IP address.
As a testing note a client that uses an existing Favorite to a file will not show a green lock. It will have to be deleted and the connection made using Open Remote to get the green lock and then added as a favorite.