Hi all. I have a strange situation I seem to be unable to resolve. I can see that the Data API is running on a particular server, but I cannot get it to authenticate. This was working on a previous server hosted on a VPS with a different hosting company. I can get the requests to work on another server by simply changing the environment and authorisation details. I have tried with and without SSL certificate verification on. It seems to me that either there is a problem with authorisation, or requests on port 443 are somehow being diverted elsewhere. Does anyone have any idea why this might be happening?
The symptoms
I can confirm the Data API is running on the server by sending a Product information request, which returns the correct, anticipated information.
All authentication requests are refused with the message 802, Unable to open file.
No databases show up on the WebDirect Launch Centre, even though a number of files are set up for WebDirect Access, including the FMServer_Sample file.
The setup
FileMaker Server 19.1.2 hosted on a virtual server running Windows Server 2019 Standard. All the correct ports are open and listening The Thawte RSA CA 2018 SSL from DigiCert Inc has been installed correctly and checked (expires Aug 2021); the entire Certificate chain, including the Intermediary (expires Nov 2027) checks out as valid throughout. WedDirect and the Data API have been correctly installed and configured in the Admin Console. The machine has been set as the Master machine. No other processes are listening on or using ports 443, 80, 5003 etc.
Tests
Tests are being run from Postman using Wim Decorte’s set of Data API commands adapted to this environment and two new endpoint queries - Product Info endpoint and Databases endpoint.
Result returned from authentication request:
'{"messages":[{"code":"802","message":"Unable to open file"}],"response":{}}'
Comments and other factors
The provider requires administrators to log on from an authorised IP address. This does not seem to be the factor as I get the same result wherever I run the tests from (I cannot try locally).
The only difference between the Product Info and Auth request I can see is that there is no DNS lookup, TCP Handshake or SSL Handshake with the Product Info request.
I have heard of similar behaviour encountered by other people, but don’t have any specifics.
“ A caveat here is that the scope parameter in the authentication URL is, strangely enough, contains spaces. You should replace this by the ‘+’ character in order to make the following call.”
This is obviously not normal and would point to a config issue somewhere. Was this an install from scratch or an upgrade to an existing FMS installation?
This is applied when you log into the remote virtual server machine. Remote access administration of the server is only allowed from certain specified IP addresses. I don't think this, per se, is the issue.
If you uninstalled FMS18 but didn't rename the left-over "filemaker server" folder then the new install could have picked up some of those leftover files. Any issues there typically show up in the web publishing side, like WebD and any of the web APIs.
The fact that you get a well-formed response means that connectivity is fine.
I would suggest:
uninstall FMS19
reboot
rename the left-over 'filemaker server' folder
install FMS19
reboot
set SSL cert and all config settings, move live files from the renamed folder to the new folder
My customer's IT guy handles installs. I will get him to follow your advice and will post the outcome here. It may take a while as this will not be treated as highest priority - use of the Data API will replace an existing export/import routine from a third party application.
