Importing an SSL certificate during deployment
Because data security is important, FileMaker Server asks you to import an SSL certificate when you first open Admin Console. FileMaker Server uses SSL technology to encrypt HTTPS connections between the web server and users' web browsers for Admin Console, FileMaker WebDirect, FileMaker Data API, and Custom Web Publishing. The Database Server can also use SSL encryption for connections with FileMaker Pro clients, FileMaker Go clients, and the Web Publishing Engine.
You can request a custom SSL certificate that matches your specific server name or domain name from any trusted certificate authority (CA) supported by Claris International Inc. For information about requesting an SSL certificate, see FileMaker Server Installation and Configuration Guide.
If you have a custom SSL certificate to import:
-
Choose Import an SSL certificate received from a certificate authority, then click Import Certificate.
-
For Signed Certificate File, click Browse and choose the SSL certificate file that you received from the CA.
-
For Private Key File, click Browse and choose the private key file (
serverKey.pem
) created in theCStore
directory when you created the certificate signing request (CSR). See Creating a certificate signing request.If you used a different method to create the CSR—for example, using a CA's website—then choose the private key file you obtained through that method.
-
If your custom SSL certificate requires an intermediate certificate file, for Intermediate Certificate File, click Browse and choose the intermediate certificate file. If you get a CA certificate bundle from your CA, you can use this file as the intermediate certificate file.
-
For Private Key Password, enter the password used for your private key file when you created the file.
-
-
Click Import to import the signed certificate.
After a certificate is imported, its information is displayed on the Configuration > SSL Certificate tab. If the information is not displayed, try restarting the machine for the new certificate to take effect.
Notes
-
When you import a custom SSL certificate, Database Server client connections use SSL and HTTP connections are routed to HTTPS. If you do not import a custom SSL certificate, SSL is not used for database connections and the HTTP Strict Transport Security (HSTS) feature is disabled.
-
To remove an imported certificate, use the CLI command
fmsadmin certificate delete
, and restart FileMaker Server for the change to take effect. See Using the command line interface for the certificate command. -
Certificate filenames should not include unsupported characters. For example, a certificate filename should not include an asterisk (
*
) character.
If you don't have a custom SSL certificate:
Either:
-
Close Admin Console and request a custom SSL certificate from a trusted CA.
See Creating a certificate signing request for instructions on how to request a custom SSL certificate from a CA. After you receive your SSL certificate, open Admin Console. (See Starting Admin Console.) Follow the instructions above to import your custom SSL certificate.
-
Continue without importing an SSL certificate.
Because continuing without an SSL certificate may be a security exposure, you must accept the warning to continue. You can use the Configuration > SSL Certificate tab to import a custom certificate later. See Importing a custom SSL certificate.