Synology SSL Certificate Setup for GoDaddy
Synology remote access requires a key component called a SSL certificate for securing your data. Webpage warnings can be avoided by adding the domain as a security exception, allowing you to access DSM normally. However, to verify the identity of the Synology NAS and ensure the connection is truly secure, you will need to a third-party certificate from a trusted certificate authority. The less secure alternative is a self signing cert. Below is instructions for a third-party certificate authority such as GoDaddy.
To obtain a third-party certificate for your Synology NAS, please make sure you have a registered domain name. You must also pay any expenses required by the certificate authority.
Pro Synology IT Support Tip! Scroll down go GoDaddy Specifics for importing the CSR
- Note the import cert is as below. Indeed they are the .key and gd issued crt, and you need the gd1 intermediate bundle.
- On the Import Certificate screen, click browse and import the following files.
Private Key: Select the server.key file that you saved on your computer earlier
Certificate: Select the signed certificate that you received from the certificate authority. The file name should be something like server.crt or yourdomainname.crt.
Intermediate Certificate: This field is optional. If the certificate authority provided an intermediate certificate, please import it here
Get the CSR
1. Download server.csr to your computer. *Save the Synology Zip as Synology_CSR.zip
2. Open server.csr with text editor and copy the text
Obtain a Certificate (GoDaddy Specifics)
Contact GoDaddy at 1 (480) 505-8877 for purchasing a standard SSL certificate. Then go to the following link to complete the setup. https://certs.godaddy.com/
Take the CSR to a Certificate Authority (CA) such as Godaddy.
Purchase a SSL Certificate (CRT).
Request or generate the CRT; you will need your CSR (from Synology Control Panel – Certificate).
Godaddy requires that you request the CRT and will prompt you for your CSR. Paste (open using notepad and include dashes/everything) in the text from the server.csr
Illustrated GoDaddy Certificate Setup
Godaddy has a certificate manager page when you log in to your account on their website.
Note: Are you troubleshooting your current Synology SSL Certifcate setup? Make sure you setup your common name correctly so it shows diskstation or dsm.domainname.com.
1) Open CSR file created in Synology in notepad
Select all and copy
ProTip! Want to check to confirm if your CSR file has the correct information? ie common name, etc
Paste into this tool… https://www.sslshopper.com/csr-decoder.html (make sure you hit enter a couple times after pasting into the file to verify the contents)
2) Paste the entire note pad text from the CSR file
3) Choose this option if hosting your own server or Synology
Make sure it has the correct common name you inserted at the creation of the CSR on the Synology.
Wait for the email… And download the file.
- server.key (from Synology CSR, not the latest download from GoDaddy_
- Certificate enter location of domain.crt (not the “bundle.crt”) you received from GoDaddy
- Intermediate certificate enter location of the gd_bundle.crt you received from GoDaddy
Note: Make sure the new domain cert is the default cert.
Synology SSL Certificate Setup for GoDaddy Summary
Make sure you have the correct common name. ie diskstation.domainname.com It may show up under the key but there may be an extra step to enter the FQDN.
Download the CRT.
*This is either through an email or DNS text record edit.
You may receive some additional files, but the CRT is the one that you really need.
The files may be zipped. If so, expand the files.
Download the server.key you created earlier to your computer. *GoDaddy account retains zip for the length of certificate
Log in to DSM->Control Panel->Network->DSM Settings->HTTP Service Tab
Click enable HTTPS connection
Click Add and Import certificate
Private key enter location of server.key
Certificate enter location of domain.crt (not the “bundle.crt”) you received from GoDaddy
Intermediate certificate enter location of the gd_bundle.crt you received from GoDaddy
Now it’s associated with your domain name. Please point your DNS to the Synology to take advantage of the 3rd party SSL certificate. ie diskstation.yourdomainname.com