Synology NAS on Internal Network

Looking for some general / help and direction on what is possible.
( I took a look around the forum and found most folks with this issue didn't have a domain... )

  • I have a publicly registered domain (with google domains)
  • I have a Synology NAS on an Internal network.
  • The NAS has access out to the internet, but cannot be accessed externally. ( I don't want to expose the NAS to the internet )
  • I would like use a publicly trusted certificate for the NAS because I don't want to push a self signed CA cert to all of my devices and browsers.

Are there any ways to make this work with a Lets Encrypt certificate? Alternatives?

The DNS challenge is well suited to this situation.

The question is whether Synology's software supports it.

There are some external ACME clients (like Synology NAS Guide · acmesh-official/ Wiki · GitHub) which support the DNS challenge and automatically deploying to Synology NAS devices. You could look into that.

You'd need a Linux-(ish) server to run on, though. It would only need outbound access. You may need to move your DNS hosting to somewhere like Cloudflare because I don't think Google Domains (unlike Google Cloud DNS) has a good enough API. You can do this for free.


Thanks for the quick reply, I'll give this a try. I didn't see this option when I was looking around... It appears as though I can install this directly on the NAS. Will give it a shot with google domains, and if not, will move over to cloudflare.


1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.