G+_Joel Pomales Posted June 24, 2018 Share Posted June 24, 2018 Guys, I need some advise on how to have an SSL certificate that works on my Synology NAS. I'm at a loss as to how to make this work. I've enabled https, changed the ports, and I can get to it through Quickconnect just fine. But I get certificate errors. I want to solve this. What's the best way to do it? Link to comment Share on other sites More sharing options...
G+_Ian Hayes Posted June 24, 2018 Share Posted June 24, 2018 Need more detail of the certificate error Link to comment Share on other sites More sharing options...
G+_Marco van Laerhoven Posted June 24, 2018 Share Posted June 24, 2018 Have you seen this video that describes the way to do this using let's encrypt? It worked for me. Link to comment Share on other sites More sharing options...
G+_Joel Pomales Posted June 24, 2018 Author Share Posted June 24, 2018 Marco van Laerhoven this didn't work. Link to comment Share on other sites More sharing options...
G+_Marco van Laerhoven Posted June 24, 2018 Share Posted June 24, 2018 I've setup this up last week, using that procedure and it worked fine for me. If you can be more specific on what you tried and the exact error message you're getting, maybe I can help. Link to comment Share on other sites More sharing options...
G+_Joel Pomales Posted June 24, 2018 Author Share Posted June 24, 2018 Marco van Laerhoven I'm getting certificate not valid, and I can't get to the DDNS address I create at synology.me. I actually get to my router's login page. No bueno Link to comment Share on other sites More sharing options...
G+_Marco van Laerhoven Posted June 24, 2018 Share Posted June 24, 2018 Let me guess: you're resting this from within your own network? Have you tried from outside, not connected to your WiFi/lan? The is a way to get it working from inside too but let's first determine whether the cert is installed correctly Link to comment Share on other sites More sharing options...
G+_Joel Pomales Posted June 24, 2018 Author Share Posted June 24, 2018 Marco van Laerhoven yes. I turned off the wireless in my phone and tried it from the outside. Got nothing. Link to comment Share on other sites More sharing options...
G+_Marco van Laerhoven Posted June 24, 2018 Share Posted June 24, 2018 I had the same , and I was puzzled initially. But after don't thinking it dawned on me ... The domain name is actually tied to your external IP address, if you connect to it from inside your lan you get the cert of the router. To solve it, you can map the FQDN (...synology.me) to the internal IP address of the NAS. I did it in my router, (edgeroter X) so it is known to ask interval clients. But you can also add it to the hosts file in your machine. Hope that helps Link to comment Share on other sites More sharing options...
G+_Marco van Laerhoven Posted June 24, 2018 Share Posted June 24, 2018 BTW: have you confirmed the cert is available on the NAS in security - certificates? Link to comment Share on other sites More sharing options...
G+_kurterst Posted June 25, 2018 Share Posted June 25, 2018 Hi Joel Pomales I used the following directions to setup Let's Encrypt SSL certificates. pahoehoe.net - Synology - Setup Let's Encrypt SSL Certificates Hope this helps you. I also was playing with QuickConnect. You don't need to setup a new certificate to use QuickConnect. One note, I disable UPnP on my router. As I understand QuickConnect it then uses the Synology relay server. And when I did a tcpdump I saw traffic from usr4.synology.com on 443/UDP (that is UDP not TCP). My connection was encrypted and I did not need a certificate. I disabled my cert when I tried this and switched back to the default synology cert. My connection was encrypted and it didn't complain. For more information on Quickconnect check out this PDF. http://global.download.synology.com/download/Document/WhitePaper/Synology_QuickConnect_White_Paper.pdf Link to comment Share on other sites More sharing options...
G+_Marco van Laerhoven Posted June 27, 2018 Share Posted June 27, 2018 kurterst thanks for sharing this link! interesting website Link to comment Share on other sites More sharing options...
Recommended Posts