xv4_de

FileMaker Server mit Let's Encrypt

original: http://bluefeathergroup.com/blog/lets-encrypt-ssl-certificates-for-filemaker-server-for-mac/

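Homebrew installieren (Hinweis: der unten gezeigte Ruby-Installer wurde von Homebrew inzwischen durch ein Bash-Skript ersetzt; den aktuellen Befehl von https://brew.sh übernehmen und das Skript vor dem Ausführen prüfen)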

# /usr/bin/ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)"

certbot installieren

# brew install certbot

/usr/local/bin/GetSSL.sh

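#!/bin/sh
#
# GetSSL.sh: request or renew a Let's Encrypt certificate with certbot,
# import it into FileMaker Server and restart the server.
# Intended to run as root (the page invokes it via sudo and from a
# LaunchDaemon).

# Abort on the first failing step or unset variable, so a failed certbot run
# never leads to importing stale files and restarting the server.
set -eu

DOMAIN="fms.mycompany.com"
EMAIL="myemail@mycompoany.com"
SERVER_PATH="/Library/FileMaker Server/"

# SERVER_PATH already ends in "/", so no extra separator is added here.
CSTORE="${SERVER_PATH}CStore"
LIVE_DIR="/etc/letsencrypt/live/$DOMAIN"

#WEB_ROOT=$SERVER_PATH"HTTPServer/htdocs"

# Get the certificate
# --standalone makes certbot answer the HTTP challenge itself, so it needs to
# bind port 80. NOTE(review): if FileMaker's web server holds port 80 this
# fails; the commented webroot variant below avoids that. Confirm per host.
#certbot certonly --webroot -w "$WEB_ROOT" -d $DOMAIN --agree-tos -m $EMAIL --preferred-challenges "http" -n
certbot certonly --standalone -d "$DOMAIN" --agree-tos -m "$EMAIL" --preferred-challenges "http" -n

# Copy chain and private key to where the import step reads them.
# NOTE(review): this leaves a second copy of the private key in CStore with
# the permissions given by the current umask. Restrict it to the account that
# has to read it, and consider deleting the copy after a successful import.
# Confirm which account FileMaker Server needs before tightening.
cp "$LIVE_DIR/fullchain.pem" "$CSTORE/fullchain.pem"
cp "$LIVE_DIR/privkey.pem" "$CSTORE/privkey.pem"

# Move an old certificate key out of the way, if there is one, to prevent an
# error during import. The existence check keeps the first run (no old key)
# from failing.
if [ -e "$CSTORE/serverKey.pem" ]; then
  mv "$CSTORE/serverKey.pem" "$CSTORE/serverKey-old.pem"
fi

# Install the certificate
# NOTE(review): fmsadmin may ask for admin console credentials; when started
# by launchd there is no terminal to answer the prompt. Verify that this step
# works unattended, and keep credentials out of this file and out of argv.
if ! fmsadmin certificate import "$CSTORE/fullchain.pem" --keyfile "$CSTORE/privkey.pem"; then
  printf '%s\n' "GetSSL.sh: certificate import failed; any previous key was moved to $CSTORE/serverKey-old.pem" >&2
  exit 1
fi

# Pause before stopping the server (presumably to let the import settle).
# Plain seconds are used because a unit suffix such as "60s" is not accepted
# by every sleep implementation.
sleep 60

# Stop FileMaker Server
launchctl stop com.filemaker.fms

# Wait for it to stop
sleep 60

# Start FileMaker Server again so it picks up the new certificate
launchctl start com.filemaker.fms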

Im Terminal erstes Cert holen

# sudo /usr/local/bin/GetSSL.sh

/Library/LaunchDaemons/com.filemaker.fms-ssl.plist

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<!-- launchd job that runs /usr/local/bin/GetSSL.sh on a weekly schedule.
     No UserName key is set, so when installed under /Library/LaunchDaemons
     the script runs as root. -->
<plist version="1.0">
<dict>
    <!-- PATH for the job; /usr/local/bin comes first, presumably so that the
         certbot installed by Homebrew is found.
         NOTE(review): every directory listed here, and GetSSL.sh itself,
         should be writable by root only, because anything resolved through
         this PATH is executed as root. Verify ownership of /usr/local/bin. -->
    <key>EnvironmentVariables</key>
    <dict>
        <key>PATH</key>
        <string>/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/sbin</string>
    </dict>
    <key>Label</key>
    <string>com.filemaker.fms-ssl</string>
    <!-- The script is passed to /bin/sh explicitly, so it does not need the
         executable bit for this job. -->
    <key>ProgramArguments</key>
    <array>
        <string>/bin/sh</string>
        <string>/usr/local/bin/GetSSL.sh</string>
    </array>
    <!-- Do not run when the job is loaded; only run on the schedule below. -->
    <key>RunAtLoad</key>
    <false/>
    <!-- Weekly run at 06:30 on weekday 6 (Saturday; launchd counts Sunday as 0). -->
    <key>StartCalendarInterval</key>
    <array>
        <dict>
            <key>Hour</key>
            <integer>6</integer>
            <key>Minute</key>
            <integer>30</integer>
            <key>Weekday</key>
            <integer>6</integer>
        </dict>
    </array>

</dict>
</plist>

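Rechte anpassen (die Plist muss root gehören und darf für Gruppe/andere nicht schreibbar sein; da der Job als root läuft, sollte auch /usr/local/bin/GetSSL.sh root gehören und nur für root schreibbar sein)

# chown root:wheel /Library/LaunchDaemons/com.filemaker.fms-ssl.plist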

laden

# sudo launchctl load /Library/LaunchDaemons/com.filemaker.fms-ssl.plist

prüfen ob es geladen wurde

$ sudo launchctl list | grep com.filemaker
-   0   com.filemaker.httpd.graceful
-   0   com.filemaker.fms-ssl
-   0   com.filemaker.httpd.stop
1233    0   com.filemaker.fms
-   0   com.filemaker.httpd.start
-   0   com.filemaker.httpd.restart