Recently, I have messed around with installing and reinstalling a self signed certificate on my OSX server I get the Error when publishing:

Calendar Publishing Error

java.sql.SQLException: Could not connect to database: Server has moved to new location: https://localhost/fmi/xml/FMPXMLRESULT.xml

I can call localhost/zulu
If i click Testconfiguration it says

Google sync will not function until one or more FileMaker accounts are configured
✓ Zulu is communicating successfully with Web Publishing Engine running on localhost (ssl: false)

Where the "ssl=false" part might be part of the problem.
Does anyone see what I do wrong?
yours
Pierre

OK.. so I found your Docs explaining how to enable ssl security http://www.seedcode.com/pmwiki/pmwiki.php?n=Zulu.Security.

However now I get this error

Calendar Publishing Error

java.sql.SQLException: Could not connect to database: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

My certificate is a self signed certificate. Even nomal browser ask before entering our site.
Any hints?

Ok.. I found out that I have to "redeploy" the fm server app after I installed the certificate, choose https and port 443.
Then I had to reinstall the newest version 1.307, the change the localhost.xml file to "use all ="true"

But it still gives me the error

Calendar Publishing Error

java.sql.SQLException: Could not connect to database: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

Please help.yours
Pierre

Hi Pierre,

Sorry for the late reply, we're out until Monday here, but if you may have already found this... http://www.seedcode.com/pmwiki/pmwiki.php?n=Zulu.Security
...it should help. I'm not a webserver expert so I can't help you config the web server but I suspect that self signed certificates won't work as there is no way for the iCal client to accept them.

Hope that helps,

John

Well John,
Apple has services on their server that do not work well without a certificate, they somehow expect one.
Ical has an option for SSL (it is a checkbox).
A certificate costs some 300USD for 3 years..
You don't think that it should be possible?
Yours
Pierre

Like I said Pierre, I'm not a server expert and I've never used a self signed cert. Wish I had more to suggest.

yeah
i deinstalled the certificate and everything went back to normal. I just installed it anyway because somebody told me that lion server works better with one installed.
so... no more certificates.. I mean , who am I anyway,, the CIA. hope i do not need the security

p

From a passing stranger:

Error:
I can acces the https://mydomain.com/zulu/ without problems, but when I try to publish a calender with SSL I get this error:

-----------------------------------
Calendar Publishing Error
java.sql.SQLException: Could not connect to database: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
-----------------------------------

Reason:
The Java 6 engine (used by tomcat that filemaker uses) on the osx lion cant find your ssl certificate. Java engine does not look for a certificate in the usual apache osx server keystore file. It uses its own keystore file called Cacerts. The location may vary depending on osx version. So when you connect, it cant find a certificate in the keystore file (keystore file is like a vaultwhere you can store certificates) because there is none. The solution is to import a proper signed certificate in to the Cacerts file so that it can be found by Filemaker and the Seecode.

Before you start:
1. Change filemaker seecode script (publish calander) to ssl: Yes and a correct server adress that correspond with your server certificate, yourdomain.com probably
2. Edit the zulu.xml according to ssl documents from seedcode. http://www.seedcode.com/pmwiki/pmwiki.p ... u.Security
By terminal its $Sudo nano \FileMaker Server\Web Publishing\publishing-engine\cwpe-tomcat\conf\Catalina\localhost\zulu.xml


Solution:
1. Make sure you have a proper signed ssl certificate intsalled for web in server.app.
2. Export it from your keychain acces.app so that you get a file called something.cer
3. Start terminal.app
4. Run $ Sudo Keytool -import -alias yourdomain.com -file /example/folder/path/yourcertificate.cer -keystore /system/library/Java/Support/CoreDeploy.bundle/Contents/home/lib/security/Cacerts
5. Enter system password for the sudo command
6. Enter Cacerts password, default is: changeit
7. You will get a long text and a will you trust this question. Say yes.
8. It should say Certificate has been added to keystore-file

and your done.


Tips.
Sudo: gives acces as root
Keystore: File where you can store certificates
Nano: Text edit file in terminal
File paths: you can drag a file in to the terminal window to get a 100% correct adress
Alias: All certificates are called by an alias, you can choose whatever, but the same name as the certificate is good.

Jason,
Thanks for this succinct solution. This procedure solved a problem I was having with OS X Lion and FileMaker Server 12. We weren't having any troubles with Zulu necessarily (not on this server anyway ), but were getting the "PKIX path building failed" error from Java when we tried to setup/deploy the web server on FM12.

Thanks!

-- J

Nobody copies and pastes like I do!