You see an automatic translation. Please switch to our English original page in case of comprehension problems.
+49 (0) 7245 919 581 info@eunetic.com
Login
  1. Home
  2. EuropeanSSL Knowledge Base
  3. EuropeanSSL Install
  4. How do I install an SSL certificate on a Synology NAS?
europeanSSL
Knowledge Base

How do I install an SSL certificate on a Synology NAS?

Before you start

This article assumes that you have already prepared the following:

  • Setting up your Synology NAS
  • Install Synology DiskStation Manager (DSM, Synology NAS's Internet-based operating system).

For more information on hardware and software installation, refer to the Quick Installation Guide that came with your Synology NAS. For general information, refer to the Synology NAS User Guide (available from Synology's Download Center).

1
Activate HTTPS
  1. Log in to DSM with an account that belongs to the Administrators group.
  2. Go to Control Panel > Network > DSM Settings.
  3. Check the Automatically redirect HTTP connections to HTTPS box (Web Station and Photo Station excluded) and click Apply.
  4. Wait a moment for the Synology NAS to restart the network settings.
  5. Once the settings are applied, you can connect to DSM via HTTPS. Open a browser and type https://yourdomainname:5001, where "yourdomainename" is the name of the server or the domain name entered to access the Synology NAS.

A port number must be entered to connect via HTTPS. By default, port 5001 is used for HTTPS. If you have enabled the option to automatically redirect to HTTPS, then entering the port number is not required because the redirection is automatic.

2
Create certificate registration request and import a signed certificate

When connecting to the Synology NAS over HTTPS, a warning window will most likely appear in the browser. This warning appears because the web browser requests the third-party certificate to verify the identity of the Synology NAS, but the browser does not trust the default certificate of the Synology NAS. The displayed warning in the browser can be avoided by adding the domain as a security exception, allowing you to access DSM normally.

However, to verify the identity of the Synology NAS and to ensure that the connection is truly secure, you need a third-party certificate from a trusted certificate authority such as EuropeanSSL. To obtain a third-party certificate for your Synology NAS, you will need a registered domain name.

Create Certificate Signing Request (CSR)

  1. Go to Control Panel > Security > Certificate.
  2. Click the "CSR" button.
  3. Select Create Certificate Signing Request, and then click Next.
  4. Enter the appropriate information for the certificate enrollment request. Click Next when you have entered all the information.
    1. In the "Common Name" field, type the domain name for accessing the Synology NAS.
    2. In the "Email" field, type the email address for the domain name.
  5. The system creates a certificate registration request. Then click "Download" to obtain the CSR.
  6. A file named "archive.zip" will be downloaded to your computer. It should contain the two files "server.csr" and "server.key". Keep both files in a safe place on your computer. Do not share the key with anyone else, as this can be a security risk for your website visitors.
  7. Now you can use the "server.csr" file to order a signed SSL certificate on our website.
3
Import signed certificate into DSM
  1. After you receive a signed certificate from a certificate authority, go to Control Panel > Security > Certificate and click Add.
  2. Select Add New Certificate, and then click Next.
  3. Click "Import Certificate" and then click "Next".
  4. Click Browse to import the following files:
    • Private key: Select the server.key file that you previously saved on your computer.
    • Certificate: Select the signed certificate (.crt file) that you received from the certification authority.
    • Intermediate certificate: Import the intermediate certificates from the .ca file here.
  5. After clicking "Ok" the signed certificate should be imported successfully.

Be sure to keep your private key and certificate files in a safe place. These files may be required when upgrading or modifying servers.

If you have any questions about the procedure or problems with the installation, please do not hesitate to contact our support.

Back to the index...
Was this article helpful?
No Yes
We use cookies for the technical functionality of this website. With your consent, we also collect page views and other statistical data in anonymized form.

Only required
Accept all
Select individually
Cookie Settings
Read Privacy Statement