Bonjour…Goodbye Again

Back in 2016, we discussed how Bonjour can interfere with obtaining a proper SSL ‘green lock’ for your FileMaker Pro and Go client connections.

Bonjour is Apple’s zero-configuration networking service. It helps you locate other devices on your network, like printers, iPads, and more via a local network and records on a multicast Domain Name System

Unfortunately, your list of Local servers is populated through Bonjour.

Screenshot of list of local servers
List of local servers

Server Verification Issues Caused by Bonjour

When you select a server from the Local list, the bonjour domain suffix of .local is used to connect to the server instead of the server’s actual DNS name. Since the server’s DNS name is on the SSL certificate, FileMaker Pro and Go, will warn you that they cannot verify the server’s identity. The name used to address the server simply does not match the name on the certificate.

Warning that server’s identity cannot be verified

If you proceed past this warning, the connection itself will show an orange lock due to the name mismatch between the server with the .local suffix and the name of the server on the SSL certificate (m1-01.ets.fm in this case).

Screenshot of connection showing an orange lock
Orange lock is shown when there is a name mismatch

How to Navigate This Bonjour Issue

Picking a server from the Local list is not ideal. So how can you avoid this scenario by making sure your server does not show up in that list?

On Windows, you can opt out of Bonjour when you install FileMaker Server. The original blog post we mentioned shows how you can remove Bonjour on a Windows machine if it did get installed.

On macOS, Bonjour is integral to the operating system. You do not get a choice to not use it for FileMaker Server. The same is true on Linux. (FileMaker Server installs bonjour-like functionality by way of Avahi mDNS.)

But now you can control whether your FileMaker Server is visible through Bonjour. FileMaker Server 19.2.1 (released in December 2020) introduced a neat little feature that has not been talked about a lot: the ability to toggle your FileMaker Server’s discovery through Bonjour.

On your FileMaker Server, go to the command line and type in:

fmsadmin get serverprefs

Toward the bottom of the settings, you will see one named ServerDiscovery. It is active by default on Windows and macOS and off by default for Linux.

Screenshot of ServerDiscovery settings on Windows and macOS which is active by default
ServerDiscovery active by default on Windows and macOS
Screenshot of ServerDiscovery settings on Linux which is off by default
ServerDiscovery is off by default on Linux

If you want to hide your server from the client’s local list, simply set the preference to false:

fmsadmin set serverprefs ServerDiscovery=false

You can make this adjustment live; it does not require a restart of FileMaker Sever. The change will take effect immediately.

Problem solved. This solution is a lot more elegant than trying to remove bonjour or decouple the FileMaker Server service from the bonjour service, as we show in our 2016 blog post.

3 thoughts on “Bonjour…Goodbye Again”

  1. Mohammed Ishaq Mir

    This is great, will it work with FileMaker Server 18 on Mac OS? Once I’ve done this, how can I change my host name on this Mac so that it matches my full FQDN in the GoDaddy SSL certs?

    1. I’m afraid you’re looking in the wrong place. Your Mac’s host name doesn’t come into play when your FMS has a custom SSL cert. The DNS resolution of the FQDN happens at the DNS server, which retrieves the IP of your FMS to know where to send the traffic, not the host name. The machine’s host name does not need to match the DNS name.

      But to answer your question: it’s a 19.2 feature, so it doesn’t work with FMS 18. If you have 19.2+ then yes, turning off bonjour for FMS on macOS works the same as on Windows or Linux, it’s just an FMS configuration.

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top