Synology NAS using LE as a CA Signing Authority?

Server
15

You can follow below step to using Let’s Encrypt CA on Synology NAS.

  1. join Let’s Encrypt Beta, type in your domain name and e-mail address
    https://docs.google.com/forms/d/15Ucm4A20y2rf9gySCTXD6yoLG6Tba7AwYgglV7CKHmM/viewform?edit_requested=true

  2. wait about one day, you will get a mail from Let’s Encrypt, It is mean your domain already on Let’s Encrypt Server’s whitelist.

  3. log in your synology then creat folders (.well-known/acme-challenge) in “web” shared folder.
    e.g. web/.well-known/acme-challenge
    note: you have to enable web station service and make sure let’s encrypt server could access your NAS by 80 port.

  4. use ubuntu OS 14.04.1, open terminal then type
    $ git clone https://github.com/letsencrypt/letsencrypt
    $ cd letsencrypt
    $ ./letsencrypt-auto --agree-dev-preview --server https://acme-v01.api.letsencrypt.org/directory certonly -a manual

  5. type your domain name and agree IP will be saved.
    e.g. test.synology.me

  6. You will get some information.
    ++++++++++
    Make sure your web server displays the following content at
    h ttp://test.synology.me/.well-known/acme-challenge/aFQ0LDDkn75K3LmvCIUvEYwq2Op1s9-ullGSwjsh0Is before continuing:

aFQ0LDDkn75K3LmvCIUvEYwq2Op1s9-ullGSwjsh0Is.ONcckxWtBH9uUepl5Eo_BMJHTng23yAdFJ_jVtfSNLg

Content-Type header MUST be set to text/plain.
++++++++++

  1. creat a file in NAS acme-challenge folder.

e.g. /acme-challenge/aFQ0LDDkn75K3LmvCIUvEYwq2Op1s9-ullGSwjsh0Is

note1: you can creat file on ubuntu then upload to Synolgoy NAS by file station
note2: file content is “aFQ0LDDkn75K3LmvCIUvEYwq2Op1s9-ullGSwjsh0Is.ONcckxWtBH9uUepl5Eo_BMJHTng23yAdFJ_jVtfSNLg” from above information
note3: make sure the file encoding format is UTF-8. You can check or change the format by Synology text editor on file station.

  1. finish step 6 then press Enter key on ubuntu terminal. You will get the CA files at below path on ubuntu OS.
    /etc/letsencrypt/archive/test.synology.me

  2. copy below files out from step 7 path

cert1.pem
chain1.pem
fullchain1.pem
privkey1.pem

  1. import privkey1.pem, cert1.pem and chain1.pem to Synology NAS certificate.
    control panel > Security > Certificate > “Import certificate”

Private key = privkey1.pem
Certificate = cert1.pem
Intermediate certificate = chain1.pem

  1. Enjoy Let’s Encrypt :slight_smile:
7 Likes