SSL Troubleshooting - OS X Secure Transport Bug
During installation the RESTfm report page may reference this page if RESTfm is unable to disable SSL certificate checks due to a compatibility bug in Apple's OS X Secure Transport library.
Development Systems
On development systems it is common to use self-signed SSL certificates. In this case the SSL checks may be disabled in RESTfm.ini.php
.
On OS X with FileMaker Server 15 this will then cause the following error:
cURL failed with error: 35: SSL: CA certificate set, but certificate verification is disabled
Development Systems Workaround
Comment out curl.cainfo in php.ini:
- Edit FileMaker Server's
php.ini
which may be found in one of the following locations:/Library/FileMaker Server/Web Publishing/publishing-engine/php/sierra/lib/php.ini
/Library/FileMaker Server/Web Publishing/publishing-engine/php/el capitan/lib/php.ini
/Library/FileMaker Server/Web Publishing/publishing-engine/php/yosemite/lib/php.ini
- Comment out the
curl.cainfo
line by adding a semicolon (;
) to the beginning of the line as follows:;curl.cainfo = "/Library/FileMaker Server/CStore/root.pem"
- Restart the Apache web server by typing the following in a terminal:
sudo launchctl start com.filemaker.httpd.restart
Production Systems
A valid SSL certificate should be installed, and strict SSL certificate checking should be left TRUE in RESTfm.ini.php