Encrypted patch file
An encrypted patch file, with the filename extension .fmpatch, makes the patch file unreadable to anyone without the passkey and causes the upgrade tool to return an error if the patch file has been altered after it was encrypted. You should use an encrypted patch file when you are concerned about others applying their own patches to the customer's instance of your app.
When the tool upgrades an app, the tool opens the source file with the specified account credentials, retrieves the passkey, uses the passkey to decrypt the patch file, and applies the patch.
Important To use encrypted patch files securely, you must limit how your customers can create accounts.
To associate the passkey with the FileMaker file account:
- Decide on a passkey to use to encrypt the patch file. The passkey must:
use only the characters A-Z, a-z, or 0-9
be 91 characters or fewer
Note The passkey is case sensitive.
-
Before you distribute a custom app, create an extended privilege named fmupgradepasskey, where passkey is the same passkey you use to encrypt the patch file.
For example, if your passkey is k4EuhSEG, then the extended privilege name should be fmupgradek4EuhSEG.
-
Add your fmupgradepasskey extended privilege to the privilege set assigned to the FileMaker file account that you plan to use when the tool upgrades a source file.
You can use any privilege set, Full Access or not. A common use case is to add fmupgradepasskey to the Full Access privilege set and optionally add it to another, very limited privilege set assigned to the account that has the permission to upgrade the app.
If there's more than one fmupgradepasskey extended privilege, only the first one listed in FileMaker Pro will be used.
To encrypt the patch file, run the upgrade tool using the --encryptPatch subcommand and, for -patch_key, use the same passkey you decided on in step 1. For example:
FMUpgradeTool --encryptPatch
-patch_path ./plaintext-patch.xml
-patch_key k4EuhSEG
-dest_path ./encrypted-patch.fmpatch