# localhost is used to configure the loopback interface In order to quickly spoof the hostname without creating actual DNS records I’ve modified my /etc/hosts file so that my workstation will resolve the fmtest hostname to the test server. Back on my workstatation, I imported the beezwax.int root CA and marked it as trusted for all certificate types. I then restarted the FileMaker Server service. Notice that I used the CA certificate as the intermediate certificate in the import dialog. This was a FileMaker Server 16.0v3 system running Windows Server 2016 Standard. With that, I now imported them in to the FileMaker server. $ openssl pkcs12 -in /Volumes/data/Users/sibr/Desktop/12 -nocerts -out .pem $ openssl pkcs12 -in /Volumes/data/Users/sibr/Desktop/12 -clcerts -nokeys -out įor the fmtest certificate I also need the key file, so we use a slightly different version for that. I used the OpenSSL command to export both the beezwax.int and the certificates. In order to load them on to FileMaker Server however, I first had to convert them from. With that done, I then exported both certificates in p12 format and copied them to my workstation.
Once done with the CA, I again used the certificate assistant to create a server SSL certificate using the beezwax.int CA. After the first screen most were left at their default values. Since I didn’t have access to the server (their security protocols did not allow that), I decided to go through the process of creating my own CA ( certificate authority), using it to issue an SSL certificate, and see if I could install it on a test instance of a FileMaker 16 Server.įirst step was to create the certificate authority, which I did on a separate macOS system using its Certificate Assistant.
Additionally, issuing your own certificates can remove complications caused by the certificate verification process used by most vendors, and there are no fees needed for each certificate.Īlthough this use case is not supported by FileMaker, I had a client who had no choice but to use their internally signed certificates, and was having issues getting to work on their newly updated server, which had been working fine with FileMaker Server 15. Often this is because the domain is only used internally, and most vendors don’t easily allow (if at all) the signing of server certificates for non-public domains. Typically, you buy an SSL certificate for a server from a SSL vendor. However, some companies may decide that they want to issue their own SSL certificates.
0 kommentar(er)
