Skip to main content
  • EN
  • Home
  • Forums
  • FME Flow
  • Security
  • Internal web site does not have certificate. how to bypass the step to upload Base-64 encoded X.509 (.CER) and local PFX cert directly?

Hi,

My organisation provided me a CA signed PFX certificate.

I have followed the step-by-step guide to update server.xml, web.xml and content.xml, etc.

I am able to restart the FME server service.

However, when I use https://locahost/ or https://<server name>/fmeserver/

I contantly get the message "This is site can't provide a secure connection", and ERR_SSL_PROTOCOL_ERROR.

click the (i) at the URL address bar shows NO certificate.

I checked the other internal site, it states "This site does not have certificate."

I couldn't complete the export and import Base-64 encoded X.509 cer file.

How can I move forward from here to complete the HTTPS enabling?

Thanks

Helen

Hi @defence_hyang​, is this the article that you followed?

https://community.safe.com/s/article/Configuring-FME-Server-for-HTTPS-Using-a-PFX-Certificate

If you are using a wild-card certificate that can be used on multiple sub-domains, then you need to enter the full domain (for example, https://www.mysite.myorg.net/fmeserver) - localhost won't work.

You should be able to download the certificate from the browser and import it into FME Server's trusted certs as per the article linked above. The article used Chrome as an example, which has changed a bit since it was written (we plan to update it). If you do not see an option to download the 'Base-64 encoded X.509' cer file, download the base-64 ascii crt instead and import that into FME Server's trusted certs.

Reply


Community Stats

30,159
Posts
114,479
Replies
37,802
Members
Terms & ConditionsCookie settings
A product of
Safe Software respectfully acknowledges that we live, learn and work on the traditional and unceded territories of the Kwantlen, Katzie, and Semiahmoo First Nations.