FileMaker Server 19 - CSR Generation
If security is important to your operations, all machines running FileMaker Server should have a custom SSL certificate. The standard FileMaker SSL certificate installed by default is suitable for test purposes only. Follow the step below obtain a new certificate or replace an expired certificate.
A Certificate Signing Request (CSR) is required when applying for an SSL certificate. This CSR (and private key) can be generated on your webserver. To request a wildcard certificate, fill in an * (asterisk) for the subdomain, for example *.sslcertificaten.nl (instead of www.sslcertificates.nl).
- Open your commandline interface, depending on the FileMaker server Host OS, this can be either Terminal.app (macOS), CMD (Windows) or your shell on a Linux server.
- Enter the following command, where you change the values to your own details;
fmsadmin certificate create "/CN=ets-srvr.filemaker.com/O=FileMaker DBS Test/C=US/ST=California/L=Santa Clara" --keyfilepass exampleSecretPassphrase
- C (Country code) : Your ISO country code (NL)
- S (State or Province Name): Noord-Holland
- L (Locality Name (eg, city): Alkmaar
- O (Organization Name (eg, company): Xolphin B.V.
- OU (Organizational Unit Name (eg, department) : ICT
- CN Common Name (eg, YOUR name) []: www.sslcertificaten.nl
- After running the command, two new files are created in your CStore folder:
- Windows: [drive]:\Program Files\FileMaker\FileMaker Server\CStore\serverRequest.pem
- macOS: /Library/FileMaker Server/CStore/serverRequest.pem
- Linux: /opt/FileMaker/FileMaker Server/CStore/serverRequest.pem
The file serverRequest.pem contains the request for ordering your certificate.
To order a certificate, copy the entire contents of the generated CSR, including the first and last line and all dashes.
SSLCheck
Our SSLCheck will examine your website's root and intermediate certificates for correctness and report any potential issues