Jump to content

Is there any Synology owners that can help me with this issue im having I would really appreciate...

G+_Alex Martinez

By G+_Alex Martinez,
in Know How

 Share

Recommended Posts

G+_Alex Martinez Newbie

G+_Alex Martinez

Posted
Posted

Is there any Synology owners that can help me with this issue im having I would really appreciate it!

I wanted to enable Https when I connect to my Synology but it says i need to get a certificate and I could do it with Let's encrypt but the thing is I have no clue in the world how to do this at all. I know i needed to get a domain name so I went and bought a domain name from namecheap.com for 3 dollars. Now i have not one clue what to do from here. Hopefully someone can guide me to the path of knowledge.

http://namecheap.com

Link to comment
Share on other sites
G+_Ben Reese Newbie

G+_Ben Reese

Posted
Posted

You might watch the renewal on that $3 domain. It's usually the $20+ top-level domains that they discount that far.

 

Regardless, you're on the right path. The next step is to point that domain name to your public IP. I'd probably choose a subdomain to use for this instead of pointing the main domain name at it. For example, alexcrib.mydomain.me.

To do that...

1) Log into NameCheap - I think that dumps you to the dashboard.

2) Click [Manage] to the right of your domain name.

3) Select the [Advanced DNS] tab along the top.

4) Click "+ ADD NEW RECORD" at the bottom of the "HOST RECORDS" section.

5) Use an "A Record" for an IPv4 address (I think AAAA for IPv6).

...a) Host = "alexcrib" (could also be any level of subdomains, like "alex.martinez.house")

...b) IP Address = your public IPv4 address

...c) TTL - I don't know what "Automatic" does, but you probably want to set it low to begin with. Lower TTL means if you update this record it won't take as long for that change to propagate to the Internet - sorta.

6) That's it. If you ping that subdomain (alexcrib.mydomain.me), you'll get your public IP.

 

After your DNS is pointing to the right place, you need port forwarding on your router. This is different for every router, but may be labeled "port forwarding", "virtual servers", "gaming", "firewall"... Synology's site says they need port 80 open for domain validation, so forward port 80 to the internal IP of your NAS (like 192.168.1.3).

 

I haven't exposed my NAS to the public Internet yet, so the next steps I haven't tried. Maybe someday I'll get brave enough to actually trust it - I don't have much reason not to. Below is the link to Synology's site explaining how to add a certificate from Let's Encrypt. I started going through the process and it seems pretty straight forward.

 

I hope this helps! Let us know how it goes.

 

synology.com - DiskStation Manager - Knowledge Base | Synology Inc.

Link to comment
Share on other sites
G+_Jeff Gros Newbie

G+_Jeff Gros

Posted
Posted

It's been a while since I set up my synology units at home/work, however, I have https and I didn't have to do anything with lets encrypt or pay any service.

 

I think the trick is that I'm using a self signed certificate. If it's just you and you're associates, there's nothing wrong with using self signed. You can even tell your browser to trust that certificate, so you'll know you're connecting to the correct synology.

 

Under MainMenu->ControlPanel->Security->Certificate, you can view your certificates. I don't remember if the synology came with a self-signed certificate or not. If not, you can generate one by clicking the Add button, choosing self signed and going through the menus.

 

Once you've got it setup, and YOU HAVE TESTED that https works, you'll want to disable http access.

 

To disable access to unencrypted DSM (in Synology):

1. Log into Synology Disk station if not already logged in (http://find.synology.com, http://diskstation:5000)

2. MainMenu->ControlPanel.

3. Select Network. Choose the DSM settings tab.

4. Enable "Automatically redirect http connections to https" checkbox.

Link to comment
Share on other sites
 Share
Go to topic listing
×
×
  • Create New...