Claris FileMaker default certificate appears to stymie LE request

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: logbook.austinrowing.org

I ran this command: sudo -E ./fm_request_cert.sh

It produced this output: Enter email for Let's Encrypt Notifications.

Email: ham.richards@austinrowing.org
Enter the domain for Certificate Generation. Note: Wildcards are not supported.
Domain: logbook.austinrowing.org
To import the certificates and restart FileMaker Server, enter the FileMaker Admin Console credentials:
Username:
Password:
Do you want to restart FileMaker Server after the certificate is generated?
Restart (0 for no, 1 for yes): 1
Do you want to generate a test certificate?
Test Validation (0 for no, 1 for yes): 0

Generating certificate request.
Saving debug log to /Library/FileMaker Server/CStore/Certbot/letsencrypt.log
Certificate not yet due for renewal

Certificate not yet due for renewal; no action taken.

realpath: /Library/FileMaker Server/CStore/Certbot/live/logbook.austinrowing.org/privkey.pem: No such file or directory
realpath: /Library/FileMaker Server/CStore/Certbot/live/logbook.austinrowing.org/fullchain.pem: No such file or directory
[ERROR]: An error occurred with certificate generation. No private key found.
austinrc@filemaker Lets_Encrypt %

My web server is (include version): Claris FileMaker Server 21.0.1.51

The operating system my web server runs on is (include version): macOS Ventura 13.3.1 (22E261)

My hosting provider, if applicable, is: self

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): FileMaker Server Admin Console 21.0.1.51

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 2.11.0

My FileMaker Server is equipped with the default Claris Self Signed Certificate (Not for Production Use). It doesn't expire until 2025-07-26 18:30:12 UTC, but it nevertheless must be replaced.

I pressed the server's delete files button, but that had no effect.

Every installation of FileMaker Server is installed with the default certificate, so my situation must be extremely common.

So I tried the alternate script: sudo -E ./fm_renew_cert.sh

It produced this output:

Enter the domain used to generate the certificate. If multiple domains were used, enter the name of the folder that the certificates should be found in.

Domain: logbook.austinrowing.org
To import the certificates and restart FileMaker Server, enter the FileMaker Admin Console credentials:
Username:
Password:
Do you want to restart FileMaker Server after the certificate is generated?
Restart (0 for no, 1 for yes): 1
Do you want to generate a test certificate?
Test Validation (0 for no, 1 for yes): 0
Do you want to force renew the certificate?
Force Renew (0 for no, 1 for yes): 1

Generating certificate request.
Saving debug log to /Library/FileMaker Server/CStore/Certbot/letsencrypt.log

Processing /Library/FileMaker
Server/CStore/Certbot/renewal/logbook.austinrowing.org.conf

Renewal configuration file /Library/FileMaker Server/CStore/Certbot/renewal/logbook.austinrowing.org.conf is broken.
The error was: expected /Library/FileMaker Server/CStore/Certbot/live/logbook.austinrowing.org/cert.pem to be a symlink
Skipping.

No renewals were attempted.

Additionally, the following renewal configurations were invalid:
/Library/FileMaker Server/CStore/Certbot/renewal/logbook.austinrowing.org.conf (parsefail)

0 renew failure(s), 1 parse failure(s)
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /Library/FileMaker Server/CStore/Certbot/letsencrypt.log or re-run Certbot with -v for more details.

[ERROR]: Certbot returned with a nonzero failure code. Check /Library/FileMaker Server/CStore/Certbot/letsencrypt.log for more information.

Command certbot -v produced this output:

austinrc@filemaker Lets_Encrypt % certbot -v

The following error was encountered:

[Errno 13] Permission denied: '/var/log/letsencrypt/.certbot.lock'

Either run as root, or set --config-dir, --work-dir, and --logs-dir to writeable paths.

Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/folders/p2/c9yh66wd40x1v9vflmfx_qxm0000gn/T/certbot-log-be2w3lbi/log or re-run Certbot with -v for more details.

I'm asking for help, and will be thankful for it..

You have several threads with roughly the same problem just with changing symptoms.

I personally think you should seek help from Claris who are the providers of FileMaker.

I can't follow all the twists and turns from your various threads. We generally prefer the same problem to stay in the same thread for continuity.

See your other thread for my other comments

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.