Synology SSL Certificate Setup for GoDaddy

Synology SSL Certificate Setup

Synology SSL Certificate Setup for GoDaddy

Synology remote access requires a key component called a SSL certificate for securing your data.  Webpage warnings can be avoided by adding the domain as a security exception, allowing you to access DSM normally. However, to verify the identity of the Synology NAS and ensure the connection is truly secure, you will need to a third-party certificate from a trusted certificate authority.   The less secure alternative is a self signing cert.  Below is instructions for a third-party certificate authority such as GoDaddy.

To obtain a third-party certificate for your Synology NAS, please make sure you have a registered domain name. You must also pay any expenses required by the certificate authority.

Pro Synology IT Support Tip! Scroll down go GoDaddy Specifics for importing the CSR

Certificate Setup:

  • Note the import cert is as below. Indeed they are the .key and gd issued crt, and you need the gd1 intermediate bundle.
  • On the Import Certificate screen, click browse and import the following files.
    Private Key: Select the server.key file that you saved on your computer earlier
    Certificate: Select the signed certificate that you received from the certificate authority. The file name should be something like server.crt or yourdomainname.crt.
    Intermediate Certificate: This field is optional. If the certificate authority provided an intermediate certificate, please import it here

Detailed Certificate Setup Explanation  ***Important, Click Here & Resume w instructions below once you get to third party SSL section***

Get the CSR
1.      Download server.csr to your computer. *Save the Synology Zip as Synology_CSR.zip
2.      Open server.csr with text editor and copy the text

Obtain a Certificate (GoDaddy Specifics)

Contact GoDaddy at 1 (480) 505-8877 for purchasing a standard SSL certificate.  Then go to the following link to complete the setup.    https://certs.godaddy.com/

Take the CSR to a Certificate Authority (CA) such as Godaddy.
Purchase a SSL Certificate (CRT).
Request or generate the CRT; you will need your CSR (from Synology Control Panel – Certificate).
Godaddy requires that you request the CRT and will prompt you for your CSR. Paste (open using notepad and include dashes/everything) in the text from the server.csr

 

Illustrated GoDaddy Certificate Setup

Godaddy has a certificate manager page when you log in to your account on their website.
https://certs.godaddy.com/

Note:  Are you troubleshooting your current Synology SSL Certifcate setup?  Make sure you setup your common name correctly so it shows diskstation or dsm.domainname.com.

 

 

 

 

 

 

 

Detailed Certificate Setup Explanation  ***Important, Click Here & Resume w instructions below once you get to third party SSL section***

 

Synology CSR Certificate Setup

 

 

 

 

 

 

1) Open CSR file created in Synology in notepad

Select all and copy

ProTip!  Want to check to confirm if your CSR file has the correct information?  ie common name, etc

Paste into this tool…  https://www.sslshopper.com/csr-decoder.html  (make sure you hit enter a couple times after pasting into the file to verify the contents)

Synology CSR Certificate Setup

 

 

 

 

 

2) Paste the entire note pad text from the CSR file

Synology CSR Certificate Setup

 

 

 

3) Choose this option if hosting your own server or Synology

 

Synology CSR Certificate Setup

*

 

 

 

 

 

 

make sure it has the correct common name you inserted at the creation of the CSR on the Synology

 

 

 

 

 

 

 

 

Synology CSR Certificate Setup

 

 

 

 

 

Make sure it has the correct common name you inserted at the creation of the CSR on the Synology.

https://dsm.yourdomainname.net

Synology CSR Certificate Setup

 

 

 

 

 

 

Wait for the email… And download the file.

  • server.key (from Synology CSR, not the latest download from GoDaddy_
  • Certificate enter location of domain.crt (not the “bundle.crt”) you received from GoDaddy
  • Intermediate certificate enter location of the gd_bundle.crt you received from GoDaddy

Cerificate file

 

 


Note:  Make sure the new domain cert is the default cert.

Synology SSL Certificate Setup for GoDaddy Summary

 

Make sure you have the correct common name.   ie diskstation.domainname.com   It may show up under the key but there may be an extra step to enter the FQDN.
Download the CRT.
*This is either through an email or DNS text record edit.

You may receive some additional files, but the CRT is the one that you really need.
The files may be zipped. If so, expand the files.

Download the server.key you created earlier to your computer.  *GoDaddy account retains zip for the length of certificate

Log in to DSM->Control Panel->Network->DSM Settings->HTTP Service Tab
Click enable HTTPS connection
Click Add and Import certificate
Private key enter location of server.key
Certificate enter location of domain.crt (not the “bundle.crt”) you received from GoDaddy
Intermediate certificate enter location of the gd_bundle.crt you received from GoDaddy
Click OK
Click Apply

Now it’s associated with your domain name.  Please point your DNS to the Synology to take advantage of the 3rd party SSL certificate.  ie  diskstation.yourdomainname.com

 

 

Leave a Reply

Your email address will not be published. Required fields are marked *