What’s this post all about?
Fessing up to reality
Why self-host FileMaker files in 2018?
Payment & license models
FileMaker Server host machine considerations
FileMaker Server installation
A fixed external Internet address
Free SSL certification?
- Install Homebrew
- Install Certbot
- Download the GetSSL.sh file
- Edit the GetSSL.sh file
- Run the Bash script
- Change the FileMaker Server SSL Connections settings
- Set up a schedule to renew the SSL certificate
Deciding on and securing an FQDN
Generating a certificate signing request (CSR)
Tested SSL certification authorities (CAs)
Setting up a GoDaddy Certificate
Importing your SSL certificate into FileMaker Server
Uploading your FileMaker Server SSL certificate to your web host
If your SSL key is encrypted, you’ll first need to decrypt it before using it to secure your app with HTTPS.
Summary: landmarks on a FileMaker Server journey
- Buy a dedicated host machine. We use a Mac Mini.
- Buy your FileMaker Pro and Server licences.
- Install the FileMaker software.
- Don’t update Java. No, definitely don’t do that.
- Use your router’s firewall rather than OSX Server’s. Check the setup carefully.
- Fix your FMS host’s internal (LAN) IP address outside the scope of your DHCP distribution.
- Open ports 80, 443, 5003 and 16002 in your router and port-forward them to the FMS host’s internal IP address.
- Open port 2399 for ODBC/JDBC solutions and 16000 if you want to use Admin Console externally.
- Secure a fixed external (WAN) Internet address. We bought a static IP address from our ISP.
- Decide on and secure an FQDN with your web host – probably a subdomain.
- Generate a CSR in FMS.
- Choose a FileMaker-approved CA like GoDaddy and buy an SSL certificate.
- Set up the certificate and verify subdomain ownership through your web host.
- Download the certificate files from your CA.
- Import your SSL certificate into FMS.
- Decrypt your private key, which requires OpenSSL, which requires HomeBrew, which requires Xcode Command Line Tools.
- Upload your SSL certificate to your web host and attach it to your subdomain.
- Change the TTL options for the DNS Zone records you need to update to 60.
- Redirect your subdomain to FMS by changing DNS Zone records.
- Test everything.