A major DSM update that includes: Cloud Station, ezCloud Service, iSCSI LUN Backup, Desktop Widgets, Application Portal, Antivirus Essential, File Station Enhancements, Surveillance Station 5 Enhancements, Photo Station 5 Enhancements, Download Station Enhancements, Media Indexing Service, VPN, Syslog, Hotspot, Connection Manager, Configuration Backup Enhancements, SMART Test Scheduler, Apple Routers Support, and DSM mobile Enhancements.
by catweazle71 » Thu Feb 02, 2012 5:39 pm
Hi,
I like to use an official SSL certificate to encrypt web sessions e.g. to DSM.
I even tried RapidSSL and Thawte, but had no luck. Thawte would work well if I had not to use an intermediate certificate from CA (in fact two CA's in a bundle crt-file).
Actually it seems that such a constellation is not installable on a Disk Station running DSM 4.0 beta, because I didn't find a way to install the chain file for the synology apps like file station. I integrated the chain file to httpd-conf files in /usr/syno/apache/conf/extra/httpd-ssl.conf-xxx
I didn't find a guide for this wherever I searched
Does anybody has an idea
-
catweazle71
- I'm New!
-
- Posts: 2
- Joined: Wed Feb 01, 2012 6:21 pm
by wormoworm » Fri Feb 03, 2012 10:37 pm
I followed this method yesterday and can confirm it works nicely (on DSM 4.0) The key you upload to the NAS must be the unencrypted one, and for StartSSL to accept your .csr file, it must be an RAS 2048-bit csr (I tried with 1024 and no luck).
The tricky part is actually validating your domain with StartSSL, as to validate a csr you must have a validated domain, which is done by them sending an email to an address at that domain. SO for me they wanted to send an email to
webmaster@tohmomewood.co.uk in order to validate
www.tomhomewood.co.uk.
Trouble is, I did't have this email address set up, but luckily my provider (123reg.co.uk) offer a 'catch-all' email forwarding service, which send emails onto another address. Once this was done everything else went fine
-
wormoworm
- I'm New!
-
- Posts: 9
- Joined: Thu Jul 21, 2011 11:56 am
by gangsterwagen » Fri Feb 03, 2012 10:49 pm
Yeah, it works, but when Synology positioning their product for small and medium business it should be user friendly tool to do it.
-
gangsterwagen
- Versed
-
- Posts: 267
- Joined: Sat Jul 19, 2008 3:43 pm
by szrobi » Mon Feb 27, 2012 6:40 pm
I had no luck with cert.
1. Tried the method decriebed on the separate post (generate cert request) and non encrypted key + cert gave an error message that the cer does not belong to the key...
2. Tried the e2e StartSSL method (generating private key too on their front-end) .. well it caused DSM to crash fully (all web services: http, ftp, ssh etc..) twice, so had to reinstall the DSM. It accepted the key&cert pair though (crash came after "restarting web services" message).
-
szrobi
- I'm New!
-
- Posts: 9
- Joined: Sat Feb 26, 2011 12:54 pm
by gangsterwagen » Mon Feb 27, 2012 8:00 pm
szrobi wrote:I had no luck with cert.
1. Tried the method decriebed on the separate post (generate cert request) and non encrypted key + cert gave an error message that the cer does not belong to the key...
2. Tried the e2e StartSSL method (generating private key too on their front-end) .. well it caused DSM to crash fully (all web services: http, ftp, ssh etc..) twice, so had to reinstall the DSM. It accepted the key&cert pair though (crash came after "restarting web services" message).
I suppose that you are a serious person. You use Synology products to speed up your business, but you can't and waste time for stupid activity which should be done by the DSM
-
gangsterwagen
- Versed
-
- Posts: 267
- Joined: Sat Jul 19, 2008 3:43 pm
Return to DiskStation Manager 4.0 BETA
Who is online
Users browsing this forum: No registered users and 0 guests
