Wildcard Certificates Coming January 2018 from Let’s Encrypt

Discuss with the community any ideas you'd love to see in future DiskStations and DSM updates! We do our best to monitor and forward all of them, but we recommend to also use this form as our team will systematically see your suggestion:
https://www.synology.com/form/inquiry/feature
Forum rules
We've moved! Head over to Synology Community (community.synology.com) to meet up with our team and other Synology enthusiasts!
drabisan
Guru
Guru
Posts: 1543
Joined: Sat Jul 17, 2010 12:04 pm

Wildcard Certificates Coming January 2018 from Let’s Encrypt

Unread post by drabisan » Fri Jul 07, 2017 2:03 pm

Wouldn't be great Synology to acquire a *.synology.me certificate and enable all of us to secure our DSs?
https://letsencrypt.org/2017/07/06/wild ... -2018.html

Today having a certificate and DDSN is not necessarily a friendly solution and this would be one way to solve it.

sincarne
Guru
Guru
Posts: 1578
Joined: Wed Feb 15, 2017 9:57 pm

Re: Wildcard Certificates Coming January 2018 from Let’s Encrypt

Unread post by sincarne » Fri Jul 07, 2017 8:24 pm

drabisan wrote:Wouldn't be great Synology to acquire a *.synology.me certificate and enable all of us to secure our DSs?
https://letsencrypt.org/2017/07/06/wild ... -2018.html

Today having a certificate and DDSN is not necessarily a friendly solution and this would be one way to solve it.
LE cert already work for Synology DDNS. Not sure what mean. QuickConnect also have cert. It be nice to get wildcard for our own domain like can do now in DSM without wildcard

mattdm
I'm New!
I'm New!
Posts: 6
Joined: Tue Feb 28, 2017 10:52 pm

Re: Wildcard Certificates Coming January 2018 from Let’s Encrypt

Unread post by mattdm » Thu Jul 27, 2017 4:04 pm

They would then need to put that wildcard cert on *every device* -- the private key portion of it. This would not be very secure at all.

It would be better for Synology to provide a Let's Encrypt service making it easy for users to get and automatically renew their own certs.

sincarne
Guru
Guru
Posts: 1578
Joined: Wed Feb 15, 2017 9:57 pm

Re: Wildcard Certificates Coming January 2018 from Let’s Encrypt

Unread post by sincarne » Thu Jul 27, 2017 9:24 pm

mattdm wrote:It would be better for Synology to provide a Let's Encrypt service making it easy for users to get and automatically renew their own certs.
That in DSM 4 long time...

mattdm
I'm New!
I'm New!
Posts: 6
Joined: Tue Feb 28, 2017 10:52 pm

Re: Wildcard Certificates Coming January 2018 from Let’s Encrypt

Unread post by mattdm » Fri Jul 28, 2017 8:49 pm

[quote="sincarne"][/quote]

Why so it is! Problem solved!

User avatar
cread
Knowledgeable
Knowledgeable
Posts: 334
Joined: Sat Jan 08, 2011 5:56 am

Re: Wildcard Certificates Coming January 2018 from Let’s Encrypt

Unread post by cread » Wed Feb 21, 2018 2:06 am

Apparently still experimental and we do not use ACME (or even ACMEv2) so until this is updated, no wildcards, at least using the DS to get the certs.
The current interface does not allow * at all
- Chip
DS916+, DSM 6.2-23739-1 , 2x HGST NAS 4T HDN724040ALE640, USB backup of DS, CyberPower UPS
Apache 2.4,Audio,Calendar,CardDav,Drive,Docker,Doc Viewer,Download,File,Media,Note,Office,Surveillance,Text,VPN,Web,Audio,Photo,Python,Hyper Backup, WebDav, MariaDB, PHP7, (SMB, SSH, FTP)
RT2600ac-1.1.7-6941-1, VPN+ (Web VPN only),
DS211, DSM 6.0.2-8451 Update 6, 2x HGST NAS 4T HDN724040ALE640, USB backup of DS,
PC= Win7, I7-860 Trubo@3.5G, 8G, and 5T HD's installed

AIVAS
I'm New!
I'm New!
Posts: 8
Joined: Sun Mar 18, 2012 12:41 pm

FYI: Let's Encrypt now allows wildcard certs

Unread post by AIVAS » Tue Mar 13, 2018 8:40 pm

As of March 13, 2018 Let's Encrypt offers wildcard certificates. Synology will have to update the script(s) to support the new ACME v2 protocol. So, while this is good news, we will have to wait for an update from Synology.

Also note:
"Wildcard domains MUST be validated using the DNS-01 challenge type. This means that you’ll need to modify DNS TXT records in order to demonstrate control over a domain for the purpose of obtaining a wildcard certificate."
https://community.letsencrypt.org/t/acm ... live/55579

User avatar
cread
Knowledgeable
Knowledgeable
Posts: 334
Joined: Sat Jan 08, 2011 5:56 am

Re: Wildcard Certificates Coming January 2018 from Let’s Encrypt

Unread post by cread » Wed Mar 14, 2018 3:56 am

They are here, so now it is up to Synology. They need to make LE cert requests an app so that it would port to SRM as well (and more easily update-able).
- Chip
DS916+, DSM 6.2-23739-1 , 2x HGST NAS 4T HDN724040ALE640, USB backup of DS, CyberPower UPS
Apache 2.4,Audio,Calendar,CardDav,Drive,Docker,Doc Viewer,Download,File,Media,Note,Office,Surveillance,Text,VPN,Web,Audio,Photo,Python,Hyper Backup, WebDav, MariaDB, PHP7, (SMB, SSH, FTP)
RT2600ac-1.1.7-6941-1, VPN+ (Web VPN only),
DS211, DSM 6.0.2-8451 Update 6, 2x HGST NAS 4T HDN724040ALE640, USB backup of DS,
PC= Win7, I7-860 Trubo@3.5G, 8G, and 5T HD's installed

ATLief
Trainee
Trainee
Posts: 11
Joined: Tue Nov 28, 2017 5:00 am

Re: Wildcard Certificates Coming January 2018 from Let’s Encrypt

Unread post by ATLief » Tue Mar 20, 2018 12:27 am

In the mean time, you can use another ACMEv2 client to request wildcard certificates, and then manually import them into DSM.

I'd recommend installing ACME.sh on your NAS as root or admin via SSH, but really any ACME client will work.

ShinySteelRobot
I'm New!
I'm New!
Posts: 2
Joined: Mon May 07, 2018 9:07 am

Re: Wildcard Certificates Coming January 2018 from Let’s Encrypt

Unread post by ShinySteelRobot » Sun May 13, 2018 6:28 am

Hi, I'm pretty new to Synology in general... Is there any way to know if they're working on adding Let's Encrypt wildcard support to DSM for a future release? Or do we just have to wait and cross our fingers and hope? Thanks

Rbztek
I'm New!
I'm New!
Posts: 1
Joined: Fri May 18, 2018 11:54 pm

Re: Wildcard Certificates Coming January 2018 from Let’s Encrypt

Unread post by Rbztek » Sat May 19, 2018 12:21 am

I need this! @synology when will this be available?

nitroxaddict
I'm New!
I'm New!
Posts: 7
Joined: Fri Jul 05, 2013 12:39 pm

Re: Wildcard Certificates Coming January 2018 from Let’s Encrypt

Unread post by nitroxaddict » Tue Jul 03, 2018 8:30 am

+1

Krishen
I'm New!
I'm New!
Posts: 5
Joined: Mon Mar 04, 2013 2:26 pm

Re: Wildcard Certificates Coming January 2018 from Let’s Encrypt

Unread post by Krishen » Thu Jul 05, 2018 10:32 am

+1 @Synology DEV team.. when will it be possible to add Let's Encrypt WildCard SSL certificates ?

zeeto
Rookie
Rookie
Posts: 34
Joined: Fri Jul 20, 2012 12:54 pm

Re: Wildcard Certificates Coming January 2018 from Let’s Encrypt

Unread post by zeeto » Thu Jul 19, 2018 5:54 pm

+1

seemebreakthis
Beginner
Beginner
Posts: 25
Joined: Fri Sep 10, 2010 7:02 pm

Re: Wildcard Certificates Coming January 2018 from Let’s Encrypt

Unread post by seemebreakthis » Sat Aug 11, 2018 4:48 pm

+1

Locked

Return to “Feature Requests & Product Improvement Suggestions”