Install an SSL Certificate on a Synology NAS

From My Big Bad Wiki
Jump to navigation Jump to search

This guide will walk you through installing an inexpensive SSL Certificate on you Synology NAS (Running DSM 5.2-5644 as of this writing)

  • Go in to the Synology Control Panel and enable 'Advance' mode.


  • Go in to Security (on the left column), then click on Certificate (across the top towards the right)
  • Click Create Certificate
  • Click Create certificate signing request (CSR)
  • Leave the default key length at 2048, and fill out the rest of the form with accurate information. and click Next
  • Now click Download to receive your CSR files
  • Extract the files of the zip file you just downloaded
  • Login in to (or create) your account
  • Choose the PostiveSSL for the length of years you want (I chose 3 years)
  • Enter your payment info
  • Review your order and choose Pay Now
  • You now have an available certificate in your account that you can use with the Certificate Signing Request we created earlier
  • After your order is complete, you will be at the Order Summary page, click the Manage button
  • On the next page click Activate
  • Open the server.csr file and paste its contents in to the CSR box, and choose Apache, Nginc, cPanel, or Other as the Server Type and press Submit
  • It will give you a summary of the info you enter in the CSR. If everything looks correct press Next
  • Now for what can be the tricky part. You need to verify that you truly own the domain name you're registering an SSL cert for. There are three options. For me, the easiest is the email option.
  • Once domain verification completes, you're cert will be emailed to you as a zipped attachment. If you don't receive it, or have issues getting attachments, you can simply log in to your dashboard and download it.
  • Extract the zipped files
  • Head back to the Synology interface and head to Control Panel, Security, and then Certificate and choose Import.
  • Add the 3 files it requests
    • Private Key: (this is the filed called server.key that was create CSR)
    • Certificate: (this is the crt file issued by Comodo (purchased through
    • Intermediate Certificate: (this is the ca-bundle file also received from Comodo)

That's it. It will restart the web services of the NAS and once back up it will now be utilizing the new cert.