Have you updated your Synology to the latest DSM 6? If you haven’t done it yet, here is reason to get you started.
I have been wanting to do this for a long time, but I never managed to figure out how to do it until now.
First step:
- You need to have your own domain name pointing at your synology. Follow this guide to learn how.
Once you have done that, here is what you do.
Navigate to Security and then click on certificate:
You will have the self-signed Synology certificate available.
Let’s add a certificate for the domain name you created in the previous step:
- Click on Add
- Select Add new certificate
Note, If you get an error while obtaining the certificate, you need to open port 80/443 in your router (Thanks hades2003 for the tip):
Select, Get a new certificate from Let’s encrypt.
To create your certificate, you need to:
- Add your new domain (or subdomain): ds.example.com or example.com
- Add your email
- Enter your old DDNS address: mydomain.synology.me
Now that the new certificate has been created, click on it and select “configure”:
Click on each service and change to your new certificate:
Now, log out of your synology and login using your new domain name. You should see this:
One last change:
- Navigate to Network
- DSM settings
- It is recommended to change your Http and https port numbers (you can do it here)
- Check: automatically redirect http to https , so all your logins and user’s logins will be secured
And you are done!!
Enjoy!!
Gracias Ruth por publicar el tutorial,en mi NAS durante el proceso de la descarga del certificado desde Let´s Encrypt mostraba un error de conexión, para evitarlo se tiene que habilitar en el router el port forwarding de los puertos 80/443 a la IP de la NAS (El 80 solamente se requiere para la descarga inicial del certificado, finalizado el proceso se puede desactivar).
Saludos
LikeLike
Muchas gracias Hades! Me podrías mandar el error que te mostraba? (Si lo recuerdas). Actualizare la guía con tus indicaciones, seguro que ayuda a alguien con el mismo problema. Saludos, Ruth
LikeLike
Adjunto un enlace con la captura del error.
LikeLike
Genial, muchas gracias! Mañana actualizo la guía.
/Ruth
LikeLike
Hello Ruth —
Thank you for putting up these instructions. I am trying to get this working with our Synology, using example mytest.synology.me for DDNS and mytest.exampledomain.com as the subdomain. I am able to get through the LetsEncrypt certificate creation process correctly, and the Control Panel indicates that a certificate for mytest.exampledomain.com is correctly registered.
However when I go to the following URL in Firefox, I get a “Your connection is not secure” error where it ind:
https://mytest.exampledomain.com:12121
Note that 12121 is the port to reach the DiskStation admin console (i.e. when I log in locally, I go to some thing like 10.0.1.55:12121). I have confirmed that port 12121 is open on my router and re-directing to the Synology. In fact, if I tell Firefox to make a certificate exception to the above URL, then it works fine, so I know it is possible to reach the Synology from outside, just not via a certificate that is recognized as valid.
Any suggestions?
Ramon
LikeLike
Hi Ramon,
Unfortunately I omit one step. You need to reconfigure all your services with the new certificate:
I have updated the guide now, let me know if you still have problems,
Best Regards,
Ruth
LikeLike
Hi Ruth.
I am succeeded setup DMS with https/SSL and every application(Video Station,File Station) accessed via https works fine, but Photo Station access field.
Any idea? Thinks.
LikeLike
Hi Jimmy,
Enabling HTTPS under DSM Settings does not work for Web or Photo station. These two applications require enabling HTTPS in their own UI. To enable HTTPS on Photo Station, open the application, go to “General Settings >Other Settings” and check “Automatically redirect http to https”.
/Ruth
LikeLike