FileMaker Server 14 SSL
Encrypting your data is the fundamental aspect of data security. FileMaker Server 14 supports a variety of authorized ssl certificates. With version 14 a new way to import the certificate has become an option. Regardless of the method chosen the steps required remain the same. First you generate a certificate signing request (CSR). Then you submit the csr to a certificate authority (CA). And finally you import the certificate file you received from your CA. Below are some tips for installing a certificate on your FileMaker Server instance.
The first step is to generate the certificate. The method you use to generate the CSR will determine the import method you use to once you receive your certificate. The new option available, in FileMaker Server 14, is to use a separate program to create the CSR, if using a mac openssl is a program you most likely have installed and can be used. openssl use a terminal command to generate a request with information you will provide. The previous and perhaps simpler option is to use the fmsadmin commands previously available to generate a request with the proper server name (fmsadmin certificate create yourservername). This will create a ServerRequest.pem file in your FileMaker Server cstore folder. If using the fmsadmin commands you will not be able to use FileMaker Server 14 new import button on the admin console, you must import with terminal commands. To use openssl to generate the csr the commands needed are ( openssl genrsa -des3 -out yourdomainname.key 2048 ) and ( openssl req -new -key yourdomainname.key -out yourdomainname.csr ) after using those commands you should have a key and csr files in your user folder.
Purchasing a certificate is a pretty straight forward process. FileMaker Provides a list of supported Certificate Authorities from which you may purchase your certificate, as well as their supported encryption level. You will need the text from either the serverRequest PEM file in the cstore folder of filemaker server directory, or the csr file you created. After you submit the request your CA will issue you a crt file, if you have an option for type select other and download the cert to your server.
As stated above, the way you import your certificate is dependant upon the way the request is generated. If you generate the certificate with the fmsadmin commands you must import the certificate with fmsadmin commands (fmsadmin certificate import certificatelocatoncertificatename.crt). If you created your CSR with a separate program you are able to use the new filemaker import certificate button. Using the import button you select the crt file issued to you, the key file, and the password you made during the creation process.
All in all FileMaker Server 14 has a new feature importing a certificate directly from the admin console. However, the method for generating the csr requires more steps and possibly a separate program to be installed, with the only upside being the ability to import from the console and the possibility of adding more information to your ssl certificate. Depending upon your knowledge of openssl or another certificate request generating application, the more user friendly and fastest way to secure your server with an ssl is to use the fmsadmin command line.