Hi
I have bought a Synolygy NAS private use.
I need a SSL certificate Iand I don’t have a domain name.
How can I get a Let’s Encrypt free SSL?
Thank you for your help and support.
Willy
Hi @Willy
that doesn't work. If you want a certificate which is confirmed from a public certificate authority (CA), you must have a public domain name. So the CA can check that you are owner of this domain name.
No domain name -->> no public confirmed certificate.
Let’s Encrypt doesn’t issue certificates for IP addresses, though some CAs do.
You could buy a domain.
You could get a free domain.
You could use a dynamic DNS service to get a subdomain.
In particular, would Synology DDNS work for you?
https://www.synology.com/en-us/knowledgebase/DSM/tutorial/General/What_Is_Synology_DDNS_Service
Hi
But I read on Synology website thisz 
“Yes, SSL is supported. You will get a warning when trying to connect to your Synology NAS if the certificate on your Synology NAS is self-signed. From DSM 6.0 on, you can get a free, trusted certificate from Let’s Encrypt.”
That's correct - if you have a domain name, which is used by your NAS.
Letsencrypt certificates are free and trusted.
So if have to “buy” a domain name?
Or can I find a domain name for free?
In case I have to buy a domain name only to have the possibility to “activate” a Letsencrypt certificate, which one do you recommand me?
See the link @mnordhoff has posted.
DDNS (Dynamic Domain Name Service) simplifies connecting to your Synology NAS over the Internet by mapping a hostname to its IP address. As a DDNS provider, Synology offers a variety of host addresses (such as *.synology.me, *.DiskStation.me, *.myDS.me, etc.) free to registered users with a Synology Account to apply to their NAS devices. On the DSM web interface, go to Control Panel > External Access > DDNS for related settings. On the SRM web interface, go to Network Center > Internet > QuickConnect & DDNS for related settings.
So choose one of these domains and your own name.
1 Like
I have create a quickconnect.to/… with my name and so I have created also a Synolgy certificate but even if I marked it as Trusted, when I go on Google or Safari Browser, is does not recognise it as a "trusted "certificate.
Also in order to have a Lets’s Encrypt certificate, I need to have a domain name…
quickconnect.to/ doesn't sound like a DDNS service to me.
For the, like, third time, you'll need to get a (sub)domain name for Let's Encrypt certificates to work.
I just bought with OVH.com a domain name. But now I don’t know how to get a Let’s Encrypt certificate?
Once the domain name is pointed at your NAS device, there are features in the Synology user interface to create a certificate.
I didn’t find the official Synology documentation with a quick web search, but I know I’ve seen these instructions there as well.
Hi
Yes I am up to date with my NAS : DSM 6.2-23739 Update 2.
It is really not easy to understand the all process and configuration to get Let’s Encrypt certificate installed…
I also read a lot and there are so many possibilties to mistake the configuration.
I continue my research …
Thanks to all of you for your support!
A key point is that it’s almost always easier to use the Synology built-in features to create and install the certificate on the device from within DSM, rather than using some other tool and importing the certificate afterward. A lot of confusion may come in when people describe other processes that create the certificate elsewhere or with other software (which used to be a popular approach but is now superseded for almost all purposes by the DSM’s native Let’s Encrypt support).
What part does the Synology documentation not explain?
It is true …
I have Synology Certificate installed, the one that is originally from Synology and issued with the DMS but the problem is that even if it is marked as Trusted, when I open the link with Google Chrome, is shows as “Not Secure”!
Yes, you'll need a Let's Encrypt certificate. And @schoen has linked to a guide on how to get a Let's Encrypt certificate with Synology DSM. Just telling us "it doesn't work!!11oneone" doesn't really gives us much to work with. For us to help you, you'll need to exactly specify what you've tried, what results you were expecting and what results you actually got. Or tell us if you don't understand something, but tell us WHAT you don't understand, not just telling us you don't understand it, because we don't have crystal globes or something.
I thought you had one, but it kept getting broken.
Yeah, it was damaged beyond repair this time and you can't really buy a new one at Wallmart 
SSL works fine with no domain name, just use DDNS with Synology, i.e. myname.synology.me and request a certificate via the security section as per normal using that domain. Works fine.
Willy,
I’ve also got a Synology NAS and I use a free DDNS service to point to my NAS for the Let’s Encrypt Certificate. There are a few hoops to jump through, including getting Web Station on your NAS and making sure port 80 on your router forwards to your NAS.
After all that, though, if you’re on your home network and connect to your NAS, you will still get the warning page, because the SSL certificate will be for your domain, but your browser will be connecting to a local IP address instead of the domain associated with your certificate.
So, if you want a CA trusted certificate for connection to your NAS outside from your home network, Let’s Encrypt is a good solution. But if you just want to get rid of the “Not Secure” warning when accessing your NAS within your home network, it won’t work.