Bonjour…Goodbye Again.

By April 6, 2021 No Comments

Back in 2016, we discussed how Bonjour can interfere with obtaining a proper SSL ‘green lock’ for your FileMaker Pro and Go client connections.

Bonjour is Apple’s zero-configuration networking service. It helps you locate other devices on your network, like printers, iPads, and more via a local network and records on a multicast Domain Name System.

Unfortunately, your list of Local servers is populated through Bonjour.

Screenshot of list of local servers

List of local servers

Server Verification Issues Caused by Bonjour

When you select a server from the Local list, the bonjour domain suffix of .local is used to connect to the server instead of the server’s actual DNS name. Since the server’s DNS name is on the SSL certificate, FileMaker Pro and Go, will warn you that they cannot verify the server’s identity. The name used to address the server simply does not match the name on the certificate.

Screenshot of the SSL certificate warning that the server's identity cannot be verified

Warning that server’s identity cannot be verified

If you proceed past this warning, the connection itself will show an orange lock due to the name mismatch between the server with the .local suffix and the name of the server on the SSL certificate ( in this case).

Screenshot of connection showing an orange lock

Orange lock is shown when there is a name mismatch

How to Navigate This Bonjour Issue

Picking a server from the Local list is not ideal. So how can you avoid this scenario by making sure your server does not show up in that list?

On Windows, you can opt out of Bonjour when you install FileMaker Server. The original blog post we mentioned shows how you can remove Bonjour on a Windows machine if it did get installed.

On macOS, Bonjour is integral to the operating system. You do not get a choice to not use it for FileMaker Server. The same is true on Linux. (FileMaker Server installs bonjour-like functionality by way of Avahi mDNS.)

But now you can control whether your FileMaker Server is visible through Bonjour. FileMaker Server 19.2.1 (released in December 2020) introduced a neat little feature that has not been talked about a lot: the ability to toggle your FileMaker Server’s discovery through Bonjour.

On your FileMaker Server, go to the command line and type in:

fmsadmin get serverprefs

Toward the bottom of the settings, you will see one named ServerDiscovery. It is active by default on Windows and macOS and off by default for Linux.

Screenshot of ServerDiscovery settings on Windows and macOS which is active by default

ServerDiscovery active by default on Windows and macOS

Screenshot of ServerDiscovery settings on Linux which is off by default

ServerDiscovery is off by default on Linux

If you want to hide your server from the client’s local list, simply set the preference to false:

fmsadmin set serverprefs ServerDiscovery=false

You can make this adjustment live; it does not require a restart of FileMaker Sever. The change will take effect immediately.

Problem solved. This solution is a lot more elegant than trying to remove bonjour or decouple the FileMaker Server service from the bonjour service, as we show in our 2016 blog post.

Wim Decorte

Wim Decorte

Wim is Director, Claris Practice at Soliant. He is a FileMaker 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17 and 18 Certified FileMaker Developer and the author of numerous Tech Briefs and articles on FileMaker Server. Wim is one of the very few multiple FileMaker Excellence Award winners and was most recently awarded the FileMaker Community Leader of the Year award at the 2015 FileMaker Developer Conference. He is also a frequent speaker at the FileMaker Developer Conference and at FileMaker Developer groups throughout the world. In addition to being a renowned expert on FileMaker Server, Wim also specializes in integrating FileMaker with other applications and systems. His pet project is the open source fmDotNet connector class that he created.

Leave a Reply